Apple's App Store approves deliberately malicious app

Researchers have revealed four serious vulnerabilities in Apple's Mac OS X and iOS operating systems, and created a malicious app that was briefly published in the App Store.

A team of academics from USA's University of Indiana, Georgia Institute of Technology, and China's Peking University discovered the container security issues in the operating systems and reported them to Apple in October.

Security firm Symantec said in a blog post last week that "although some issues have been addressed, most of the vulnerabilities remain unpatched".

Apple tests apps submitted to the App Store to assure users of security, and Mac OS X's Gatekeeper rejects apps that are not from the App Store or a "trusted" developer. However, the research group created a demonstrative malicious app that passed Apple's vetting and was made available on the App Store.

The software was only removed from the market when the authors withdrew it.

"No known exploits of these vulnerabilities have occurred in the wild. However, as word spreads of their existence, Symantec believes it likely that attackers will begin attempting to exploit them," wrote Symantec senior information developer Dick O'Brien.

Consumers on Mac OS X, used on Apple computers, and iOS, used on iPhones and iPads, were warned to "exercise caution when installing new software and, if in doubt, opt for products from trusted vendors".

"Users of Mac OSX and iOS are advised to apply any security updates issued by Apple as and when they become available," wrote O'Brien. "Keep security software up to date. This will limit the likelihood of any exploit being used to successfully deliver malware to your computer."

The four security holes concerned OS X and iOS' sandboxing, or container, technology:

  • Malicious apps could create or delete a keychain for another app to steal passwords.
  • Sub-targets of malicious apps could connect to other containers to access data.
  • Inter-app communications could be intercepted.
  • URL schemes could be hijacked to steal access tokens and other data.

This latest warning for Apple users comes after a Portuguese researcher earlier this month reported Mac malware that overwrites firmware and survives hard disk formatting.

Copyright © CRN Australia. All rights reserved.