Well, it’s something that could definitely happen if you’re still using an iOS version lower than iOS 8.4.1. The vulnerability, dubbed Ins0mnia, basically allows apps to just ignore the termination request by the user as well as the iOS timeout protocols. The worst thing: It will look like the app got terminated since it won’t be visible in the task switcher anymore.
“A malicious application could leverage the Ins0mnia vulnerability to run in the background and steal sensitive user information for an unlimited time without the user’s consent or knowledge. This sensitive information could then continuously be sent out to a remote server. This flaw could also be leveraged to drastically reduce device performance and system usability. It could even be used to drain the battery“, says FireEye on its page.
The attack basically makes the device believes that the app is being debugged, which then in turn prevents the system from shutting down the app once the permitted background duration expired. If you want to see exactly what’s happening, take a look at the “Ins0mnia Never Sleeps” video below.
The good thing is that Apple was informed about the security flaw some time ago and that it was fixed with iOS 8.4.1. The only thing you need to do is update.