Researchers Plant Malware on Apple's App Store

According to MIT Technology Review, a team of researchers at Georgia Tech recently managed to bypass Apple's security process and plant a malicious app in the App Store (h/t Softpedia).

To exploit the fact that Apple runs at least some programs for only a few seconds before approving them, the researchers decomposed the malicious code into "code gadgets" that were hidden but could later be reassembled.

"The app did a phone-home when it was installed, asking for commands," Stony Brook University researcher Long Lu, part of the Georgia Tech team, told MIT Technology Review. "This gave us the ability to generate new behavior of the logic of that app which was nonexistent when it was installed."

"The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen," Lu added.

Apple spokesman Tom Neumayr told MIT Technology Review that the company made some changes in response to the researchers' report, though he wouldn't comment on Apple's app review process.

The report [PDF] was recently presented at the 22nd USENIX Security Symposium in Washington, D.C.