Researchers Snuck Malware Onto the App Store By Making It a Transformer

Eric Limer, Gawker Media

No one really knows exactly how Apple makes sure the apps that wind up in its store are safe. All we know is that the App Store has a better track record than its Android counterpart. But nothing is ever totally safe. Researchers managed to sneak malware onto the App Store with ease by giving their app the power to transform.

The app, called Jekyll, was able to send e-mails and texts, steal information and device ID numbers, take photos, send tweets, and attack other apps. But its trick was that it couldn't do this right away. Instead, its malicious code was broken into innocent-looking segments that would transform after download.

Long Lu, one of the researchers on the team, described it this way:

The app did a phone-home when it was installed, asking for commands. This gave us the ability to generate new behavior of the logic of that app which was nonexistent when it was installed.

After the team slipped Jekyll into the App Store, they downloaded it and ran the attacks on themselves before deleting it from the store. By monitoring the app, they were able to tell that Apple scanned it for mere seconds before approval, though who knows if a longer scan really would have helped.

The experiment happened all the way back in March, but the team only just spilled the beans about their results last Friday at the Usenix conference in Washington, and since then, Apple has tweaked its app review process in ways that it's not keen on talking about. It just goes to show that you can never be too careful about what you download; there are always going to be ways to sneak sketchy apps past the guards. [MIT Technology Review]
