+ Reply
Results 1 to 2 of 2

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Remotely Assembled Malware App Dubbed Jekyll Reveals Flaws in App Store Review Process

is a discussion within the

Mac News

forums, a part of the

General Apple/Mac

section;
...
  1. #1
    MMi Staff Writer Akshay Masand's Avatar
    Join Date
    Sep 2011
    Location
    New York City
    Posts
    3,791
    Thanks
    3
    Thanked 118 Times in 104 Posts

    Default Remotely Assembled Malware App Dubbed Jekyll Reveals Flaws in App Store Review Process


    A group of researchers from Georgia Tech recently managed to get a malicious app past Apple’s review process, finding the company runs only a few seconds’ worth of tests before posting an app to the App Store. Given the name “Jekyll,” the malicious software was uploaded to Apple’s App Store in March to test the company’s control measures, which dictate what apps are allowed to be distributed through the App Store, according to MIT’s Technology Review.

    According to the research term responsible for creating the software, Apple was unable to distinguish dormant bits of code that would later be assembled into a malicious app. Once installed on a victim’s device, Jekyll, disguised as a news delivery app, was able to post tweets, send email and text messages, access the phone’s address book, take pictures and direct Safari to malicious website, among other malicious actions. According to Stony Brook University research Long Lu:

    The app did a phone-home when it was installed, asking for commands. This gave us the ability to generate new behavior of the logic of that app which was nonexistent when it was installed.
    Jekyll also had code built in that allowed the researchers to monitor Apple’s testing process, which reportedly only ran the app for “a few seconds” before letting it go live on the App Store. Lu claimed the Georgia Tech team deployed Jekyll for only a few minutes, downloading and pointing the app toward themselves for testing. No consumers installed the app before it was ultimately taken down as a safety precaution. According to Lu:

    The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen.
    The research team wrote up its results in a paper that was originally scheduled for presentation on Friday at the Usenix conference in Washington, D.C. Apple spokesman Tom Neumayr said the company took the research into consideration and has updated iOS to deal with several issues that were outlined in the paper. The exact specifics of the fixes weren’t disclosed and no comment was made on the App Store review process though. Regardless, it’s nice to know that the research was put to good use and the iOS platform is a bit more secure.

    Source: Technology Review

    Twitter: @AkshayMasand

  2. #2
    Theme Creator Jahooba's Avatar
    Join Date
    Jun 2009
    Posts
    2,919
    Thanks
    1,425
    Thanked 1,699 Times in 839 Posts

    Let's hope Apple is on top of these kinds of infiltrations in the future - people keep their lives on their phones!

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts