Save $250 on Galaxy Book5 Pro 360
Discussions are now open! Start your own threads and share your thoughts with the community.
Discussions are now open! Start your own threads and share your thoughts with the community.

Researchers tricked Apple into approving an app loaded with malware

By
57comments
Google News Follow
Follow us on Google News
iOS Apple Apps
Researchers tricked Apple into approving an app loaded with malware
Researchers at Georgia Tech managed to get an app approved by Apple and posted on the Apple App Store. But unlike other apps, this one was a ticking time bomb. Inside the app, researchers placed fragments of code that were programmed to come together and assemble itself into malware. The program, aptly code named Jekyll, could send emails, tweets and texts under the radar while at the same time it could grab a device's ID number, steal personal information, take pictures and attack other apps. And it could even send mobile Safari to a page containing even more malware. In other words, this app could have been an iPhone user's worst nightmare.

The good news is that the researchers quickly took down the listing after it was posted for just a few minutes back in March. No innocent iPhone installed the app. The Georgia Tech team, on the other hand, downloaded the program and infected their own device. The researchers were able to tell that Apple ran the program for only a few seconds before giving it a stamp of approval. Unless it ran the app for a longer period of time, Apple would never know about the malware because the bad code was hidden in separate small "code gadgets" hidden by a legitimate app. Once the app was approved, the code was designed to stitch together to form the troublesome malware that could wreak havoc on an iPhone.

Apple's review process is not doing enough to safeguard the App Store. That is the message that researchers are broadcasting following the ruse. Long Lu, a member of the research team says, "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen." Lu adds that it is possible that some apps on the App Store are malware and have just not yet been detected.

source: MITTechnologyReview via GIGaom

Grab Surfshark VPN now at more than 50% off and with 3 extra months for free!

Secure your connection now at a bargain price!


We may earn a commission if you make a purchase

Check Out The Offer
Did you enjoy this article?
Еxplore more with a FREE members account.
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Manage your newsletter choices
Register For Free
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.webp
Alan Friedman Senior News Writer
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.
Read the latest from Alan Friedman
Loading Comments...

Latest Discussions

Which U.S. carrier do you use, and how does it perform day-to-day?

by Abdullah Asim • 1

Best ways to use AI on your phone?

by Stanislav Serbezov • 4

iPhone 16 Pro Max vs Galaxy S25 Ultra

by Rad Slavov • 2
Start Discussion View All

Recommended Stories

Popular stories

Galaxy Z Fold 7 and Z Flip 7 leaked prices are bad news for Samsung fans
Galaxy Z Fold 7 and Z Flip 7 leaked prices are bad news for Samsung fans
Verizon reps allegedly reaching out to customers in a personal capacity
Verizon reps allegedly reaching out to customers in a personal capacity
It's like Verizon disappeared the second things got inconvenient
It's like Verizon disappeared the second things got inconvenient
Samsung Galaxy Z Fold 7 makes the Fold 6 look ancient
Samsung Galaxy Z Fold 7 makes the Fold 6 look ancient
T-Mobile Tuesdays-style gifts arriving for Verizon customers as part of Project 624
T-Mobile Tuesdays-style gifts arriving for Verizon customers as part of Project 624
Take a look at what the redesigned Google Phone app will look like
Take a look at what the redesigned Google Phone app will look like

Latest News

iOS 26 quietly adds a feature you'll thank Apple for when things go wrong
iOS 26 quietly adds a feature you'll thank Apple for when things go wrong
Pixel 10 Pro Fold could be first foldable with this feature topping the Galaxy Z Fold 7 and Flip 7
Pixel 10 Pro Fold could be first foldable with this feature topping the Galaxy Z Fold 7 and Flip 7
Congress just banned a major app over data fears — and it’s not the one you’d expect
Congress just banned a major app over data fears — and it’s not the one you’d expect
Apple releases iOS 26 Developer Beta 2 with new features and a clue about the iPhone 17 Air
Apple releases iOS 26 Developer Beta 2 with new features and a clue about the iPhone 17 Air
T-Mobile is handing out a major freebie, and it could save you hundreds a year
T-Mobile is handing out a major freebie, and it could save you hundreds a year
T-Mobile makes huge Starlink announcement as it celebrates another 5G win over AT&T and Verizon
T-Mobile makes huge Starlink announcement as it celebrates another 5G win over AT&T and Verizon
FCC OKs Cingular\'s purchase of AT&T Wireless