JimM

Remotely Assembled Malware Makes it Past Apple and onto the App Store

This story really makes you wonder how many malicious apps may already be on Apple's App Store.  Apple is very proud of its review process, which it claims prevents any malware from making it into the store.  However, this exploit proves quite the opposite, and it also proved exactly how rigorous the Apple review process is.  And how rigorous is that?  Well, according to the researchers, Apple runs an app for a few seconds and then gives it a green light if it doesn't find any issues using a static form of analysis - in other words, it's not exactly a robust process.

 


From TechnologyReview.com:

Mystery has long shrouded how Apple vets iPhone, iPad, and iPod apps for safety. Now, researchers who managed to get a malicious app up for sale in the App Store have determined that the company’s review process runs at least some programs for only a few seconds before giving the green light.

 

This wasn’t long enough for Apple to notice that an app that purported to offer news from Georgia Tech contained code fragments that later assembled themselves into a malicious digital creature. This malware, which the researchers dubbed Jekyll, could stealthily post tweets, send e-mails and texts, steal personal information and device ID numbers, take photos, and attack other apps. It even provided a way to magnify its effects, because it could direct Safari, Apple’s default browser, to a website with more malware.


To be fair, this was a "proof-of-concept" attack.  It was carried out by researchers from Georgia Tech who only infected their own phones and then pulled the app down from the store themselves.  However, if these researchers figured it out, what's to stop anyone else with more malicious intentions from doing the same thing?

 

As of the time of the article's publication, Apple was refusing to comment on the app review process, though they did claim to have made some changes to the iOS operating system in response to the identified issues.

/// JimM ///
/// Former Community Manager - Now Humble Internet Citizen///
/// Also Formerly a Technical Support Escalations Engineer ///
explanoit

Re: Remotely Assembled Malware Makes it Past Apple and onto the App Store

Not that it ever was, but it's no longer appropriate to treat smartphone applications differently than PC applications.

 

Install only ones that have a track record and that you trust.

----------------------------------------
Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise and WSAWSS administrator of 1400+ computers
First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester
DavidP1970

Re: Remotely Assembled Malware Makes it Past Apple and onto the App Store

Proof of concept or not, the result is proof that it can be done.  If it can be done, it most likely has, or will be at some point.

 

Better get those iOS devices protected just like any other internet connected device!



      

"If you don't learn something new every day, you need to pay more attention. I often get my daily learning here so grab a chair and stay a while!"
WSA-Complete (Beta Tester), Toshiba Satellite L305, Intel Pentium Dual CPU at 1.87 GHz, 3 GB RAM With Windows 7 (x86) (Yes it's old.. but it still usually works! : )
TripleHelix

Re: Remotely Assembled Malware Makes it Past Apple and onto the App Store


DavidP1970 wrote:

Proof of concept or not, the result is proof that it can be done.  If it can be done, it most likely has, or will be at some point.

 

Better get those iOS devices protected just like any other internet connected device!


I was thinking of the same thing as my sister-in-law was asking about an Antivirus for Apple mobile devices yesterday so I pointed her to the Webroot SecureWeb Browser and showed her a few articles about why Apple will not let the iOS use AVs. I got her set up fine on her MacBook Pro and she loves how easy it was to install as I sent her the Video Tutorial for Mac Installation & the Online Helpfile.

 

Daniel

Webroot® SecureAnywhere™ Internet Security Complete 2014 Beta Tester v8.0.4.70 on my main system Windows 7 Ultimate 64bit & on Win XP 32bit, Win Vista 32bit, Win 7 32bit, Win 8.1 Pro 32bit & 64bit all on VM's. 


Microsoft® MVP Consumer Security 2012/15


Jacksun

Re: Remotely Assembled Malware Makes it Past Apple and onto the App Store

Just more proof positive that Apple products, in all iterations, are just as vulnerable as any Windows, Android, or other operating system. The vetting process for apps on cell phones is no more effective than any other process that requires human intervention. Unless they are completely disassembling the code and conducting a full review and test there will be risks and gaps to the process, and even that won't completely eliminate them. The challenge to overcome is the marketing hype that Apple has pumped out for years about being virus free and so much better than other systems in that regard. And they are repeating the behavior with their app store. And people buy it.

 

The greatest security risk out there is still the end user, and always will be. An end user will overcome every obstacle admins put in place with a single finger. 

"This app will access your IRS file - Allow?" Sure, Bob said this app is the most awesome thing ever, I gotta see it.

 

Welcome to the reality of having a computer in the palm of your hand - that stores confidential information, passwords, financial data and more. Hackers have a reason to get access to your phone, the same drivers that motivate them to get access to your laptop, PC, or server. These aren't your Grandma's cell phones any longer.

 

If a bot gets on enough phones, it could theoretically take out or bog down cell phone towers I would guess. Remote control your phone and call my friend overseas at astronomical prices? Certainly not unreasonable to think this may be possible.

 

I wonder if Apple vets the updates to Apps as closely as they vet the apps themselves?

 

Changes to the iOS operating system in response to issues? I haven't seen an update on my phone, 6.1.3 - 5 months old, and the story is a month old, am I missing something?

 

Wayne
