Researchers Show How Apple's App Approval Process Can Be Beaten by Malicious Apps
Researchers from Georgia Tech submitted to the App Store and received approval for a malicious app, according to Technology Review. The researchers submitted an innocuous app that included inactive malware-type code hidden from Apple's app approval system.
When downloaded onto a test device after the app was approved, the app 'phoned home' and gained a variety of abilities that compromised the host phone.
This malware, which the researchers dubbed Jekyll, could stealthily post tweets, send e-mails and texts, steal personal information and device ID numbers, take photos, and attack other apps. It even provided a way to magnify its effects, because it could direct Safari, Apple’s default browser, to a website with more malware.
The researchers, including Long Lu, a Stony Brook University researcher who was part of the team at Georgia Tech, only put the app on the App Store very briefly and it was not downloaded by anyone other than research team members.
The team said that using monitoring code built into the app, they determined that Apple's app approval team only ran the app for a few seconds and that malicious code was not discovered by Apple's team. "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen," said Lu.
Apple spokesman Tom Neumayr told Technology Review that the company made some changes to the iOS operating system in response to the paper, though he did not specify what the changes were.
Popular Stories
iPhone 14 Pro models are widely expected to feature always-on displays that allow users to view glanceable information without having to tap to wake the screen. In the latest edition of his Power On newsletter for Bloomberg, Mark Gurman said the feature will include support for iOS 16's new Lock screen widgets for weather, fitness, and more.
"Like the Apple Watch, the iPhone 14 Pro will be...
Benchmark testing has indicated that the 256GB variant of the 13-inch MacBook Pro with M2 chip offers slower SSD performance than its M1 equivalent, and now real-world stress testing by YouTuber Max Yuryev of Max Tech suggests that the 256GB SSD in the 13-inch MacBook Pro is also underperforming in day-to day-usage.
The M2 MacBook Pro with 256GB SSD and 8GB RAM was slower than the M1 MacBook ...
Following the launch of Apple's new 13-inch MacBook Pro with the M2 chip, it has been discovered that the $1,299 base model with 256GB of storage has significantly slower SSD read/write speeds compared to the equivalent previous-generation model.
YouTube channels such as Max Tech and Created Tech tested the 256GB model with Blackmagic's Disk Speed Test app and found that the SSD's read and...
In the latest edition of his Power On newsletter for Bloomberg, Mark Gurman outlined additional M2 Macs on Apple's product roadmap, including new Mac mini models with M2 and M2 Pro chips, new 14-inch and 16-inch MacBook Pro models with M2 Pro and M2 Max chips, and a new Mac Pro tower with M2 Ultra and "M2 Extreme" chips.
Following the M2 series of Macs, Gurman said the first M3 series of...
TSMC will manufacture Apple's upcoming "M2 Pro" and "M3" chips based on its 3nm process, according to Taiwanese industry publication DigiTimes.
"Apple reportedly has booked TSMC capacity for its upcoming 3nm M3 and M2 Pro processors," said DigiTimes, in a report focused on competition between chipmakers like TSMC and Samsung to secure 3nm chip orders. As expected, the report said TSMC will...
With many customers choosing to upgrade their iPhone every two or three years nowadays, there are lots of iPhone 11 Pro users who might be interested in upgrading to the iPhone 14 Pro later this year. Those people are in for a treat, as three years of iPhone generations equals a long list of new features and changes to look forward to.
Below, we've put together a list of new features and...
Polish developer Michał Gapiński has released a new and improved version of his "Tesla Android Project" which brings Apple's CarPlay experience to more Tesla vehicles than ever before.
According to Gapiński, version 2022.25.1 provides "100% functional CarPlay integration for any Tesla," and comes with several new features and bug fixes.
The project now supports DRM video playback so that...
Apple today launched its annual "Back to School" promotion for college/university students in the United States and Canada. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad, rather than free AirPods like last year. Apple is also offering students 20% off AppleCare+ plans during the promotion.
Apple is offering a $150 gift card with the purchase ...
Top Rated Comments
The only way this will ever change is if the compilation of the apps is done on Apple servers.
Too bad this malicious malware wasn't discovered.
Well, the fact that you can deactivate malicious code in your app until your app passed Apples review is well known to basically everyone who writes software.
Does anybody remember HiddenApps (https://www.macrumors.com/2013/03/11/hiddenapps-hides-stock-apps-iads-and-more-on-non-jailbroken-ios-devices/), the app that could be used to hide app icons on your device?
That app fetched a file from a webserver, if the file said "hide malicious code" the app showed some useless tricks on how to save battery. Once the app passed review the file said "do evil stuff" and the app executed the parts that would have lead to an rejection immediately.
There is no way to catch all evil code in an App. Not even access to the source code will make you a hundred percent safe. Because you have to read and understand it all to make a judgement. Ain't nobody got time for that.