Galaxy Tab A9+ 11” 64GB - 40% off!
Pre-order the Galaxy Z Fold 7 now and get double the storage!
Pre-order the Galaxy Z Fold 7 now and get double the storage!
Samsung has opened pre-orders for its brand new foldable.

Researchers tricked Apple into approving an app loaded with malware

By
57comments
Google News Follow
Follow us on Google News
iOS Apple Apps
Researchers tricked Apple into approving an app loaded with malware
Researchers at Georgia Tech managed to get an app approved by Apple and posted on the Apple App Store. But unlike other apps, this one was a ticking time bomb. Inside the app, researchers placed fragments of code that were programmed to come together and assemble itself into malware. The program, aptly code named Jekyll, could send emails, tweets and texts under the radar while at the same time it could grab a device's ID number, steal personal information, take pictures and attack other apps. And it could even send mobile Safari to a page containing even more malware. In other words, this app could have been an iPhone user's worst nightmare.

The good news is that the researchers quickly took down the listing after it was posted for just a few minutes back in March. No innocent iPhone installed the app. The Georgia Tech team, on the other hand, downloaded the program and infected their own device. The researchers were able to tell that Apple ran the program for only a few seconds before giving it a stamp of approval. Unless it ran the app for a longer period of time, Apple would never know about the malware because the bad code was hidden in separate small "code gadgets" hidden by a legitimate app. Once the app was approved, the code was designed to stitch together to form the troublesome malware that could wreak havoc on an iPhone.

Apple's review process is not doing enough to safeguard the App Store. That is the message that researchers are broadcasting following the ruse. Long Lu, a member of the research team says, "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen." Lu adds that it is possible that some apps on the App Store are malware and have just not yet been detected.

source: MITTechnologyReview via GIGaom

Grab Surfshark VPN now at more than 50% off and with 3 extra months for free!

Secure your connection now at a bargain price!


We may earn a commission if you make a purchase

Check Out The Offer
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.webp
Alan Friedman Senior News Writer
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.
Read the latest from Alan Friedman
Loading Comments...

Latest Discussions

You cannot count on Samsung to repair their phones

by ourslander • 5

Hypothetical Which Phone Would You Choose

by TBomb • 9

Stop Playing

by Doug Fresh 123 • 5
Start Discussion View All

Recommended Stories

Popular stories

Everyone can get a free Galaxy Z Flip 7 from T-Mobile with or without a trade-in and minimal effort
Everyone can get a free Galaxy Z Flip 7 from T-Mobile with or without a trade-in and minimal effort
T-Mobile is desperately trying to stop its users from leaving with better-than-ever retention offers
T-Mobile is desperately trying to stop its users from leaving with better-than-ever retention offers
Past Pixel problem resurfaces again creating chaos in users' lives
Past Pixel problem resurfaces again creating chaos in users' lives
T-Mobile expected to face tough times ahead, lag behind AT&T, Verizon
T-Mobile expected to face tough times ahead, lag behind AT&T, Verizon
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
Ex-Verizon rep spills the best time to call your carrier and get results
Ex-Verizon rep spills the best time to call your carrier and get results

Latest News

I’m a big fan of the JBL Endurance Peak 3 for workouts—and at 40% off this Prime Day, they’re a steal
I’m a big fan of the JBL Endurance Peak 3 for workouts—and at 40% off this Prime Day, they’re a steal
The iPhone has become awful at photography as of late
The iPhone has become awful at photography as of late
Apple’s S Pen alternative might work with iPhone, MacBook Pro, and even Apple Watch
Apple’s S Pen alternative might work with iPhone, MacBook Pro, and even Apple Watch
The budget-friendly Galaxy Tab S6 Lite (2024) is an epic bargain at 43% off this Prime Day
The budget-friendly Galaxy Tab S6 Lite (2024) is an epic bargain at 43% off this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
I'm a bargain hunter, and I think the Pixel 9 Pro is a must-have at its lowest price this Prime Day
The Pixel Tablet plunges in price for Prime Day
The Pixel Tablet plunges in price for Prime Day
FCC OKs Cingular\'s purchase of AT&T Wireless