Researchers manage to get malware published in Apple's iOS App Store

[Half Monk 697]

While the posting of malware remains a rare occurrence on Apple's iOS App Store, a team of security researchers figured out a way to get a malicious piece of software past Apple's certification team. The team from Georgia Tech said that the app was approved and published by Apple in March but was only live for a few minutes and no innocent victims downloaded the software.

 

 

The MIT Technology Review states that on the surface, the app was supposed to offer news from Georgia Tech. In reality, it contained code that was broken into pieces at first that later assembled to turn into the malware threat. Among other things, it was capable of stealing personal information and device ID numbers from iPhones and iPads and could even attack other apps.

 

The researchers determined that the malware was scanned by Apple's team for only a few seconds before it was approved and published. Because the code was fragmented, it's likely that Apple's malware prevention methods would not have detected the threat.

 

The team presented their findings in a research paper in Washington, D.C on Friday. An Apple spokesperson said that the company has made some changes to their iOS approval process due to the information in the paper but did not reveal specifics. Marc Rogers, a principal researcher at the mobile security firm Lookout, points out that the malware method created by the George Tech team could be used by any operating system.