08.28.13

A malicious app easily passed Apple’s review process

It turns out that Apple’s strict security system is not entirely free of problems: security researchers from Georgia Tech managed to get a malicious application into the App Store.

The app contained multiple loopholes and was able to take over the device without the user’s knowledge.

Contrary to the conventional wisdom that the App Store is free of viruses, its filtering process is not perfect. The MIT Technology Review site reported that security researchers from Georgia Tech managed to get an app infected with malware into Apple’s App Store after it passed review and approval by Apple’s staff.

According to the security researchers, the application, which was submitted to the App Store under the name ‘Georgia Tech News’, contained fragments of code hidden beneath the application’s legitimate code, which connected together after a while to form malicious code. The researchers concluded that the Apple team that examined the application ran it for only a few seconds, which was not enough to detect the malicious code. This technique has been used by malware for quite some time: the malicious code is activated only after a few minutes, hours or days, or even on particular dates.

Once the code fragments were bound together, the application could perform a variety of actions, such as sending text messages, e-mails and pictures, stealing personal information and the device serial number, and attacking other devices outside the control of the user. The malware also contained code that navigates the user to other Web pages filled with viruses, so the user could unknowingly spread this malware.

The important message is that Apple’s test process, which includes static analysis of the data, is not safe enough and cannot see dynamic logic in code, which in general is not easily detected and probably requires an extra pair of eyes.

Apple said that the company has fixed the iOS operating system in response to the findings, but refused to give more details about the testing and screening of new applications submitted to its App Store.

So, although it is more likely that popular operating systems such as Android and Windows Mobile have a lot more malware and more ways to easily infect your device, this study mainly shows that no system is completely immune to malware, and that the personal information contained in your device is never 100% safe. It is recommended to run security software and scan the contents of your device, and to use anti-virus and other software. Still, you should only download applications when you know who stands behind them.