The pre-approval process for iOS apps is supposed to prevent malicious software from being allowed onto the App Store. However, since the process requires manual scanning, it isn’t perfect — a point demonstrated by malware researchers who successfully had an app published which was capable of taking photos, sending texts and and gathering personal information.
The trick which the researchers used was the ability to modify the app after installation, making it capable of executing code which wasn’t evident when Apple scanned it. According to the researchers, the app was only scanned for a few seconds prior to approval. Apple doesn’t like to give details of how its scanning processes work, but this is hardly the first problem we’ve seen; one notable example last year showed how easily apps could harvest details from address books on iPhones and iPads.
The researchers removed the malicious app after determining that the attack process had worked. What it underscores isn’t that Apple’s process is fatally flawed (checking apps will definitely eliminate unsubtle malware), but that no security process is perfect. As such, users shouldn’t lull themselves into a false sense of security simply because of the platform they’re using. Nor should IT pros presume that Apple devices are immune. A little caution and common sense goes a long way. Check permissions. Don’t go on app-buying binges. Set a password on your device. It all helps.
Remotely Assembled Malware Blows Past Apple’s Screening Process [MIT Technology Review via Gizmodo]
Comments