gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76793 Posts in 13502 Topics by 1651 Members - Latest Member: Arnold99 November 25, 2024, 03:38:51 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”
gfx
gfxgfx
 

Author Topic: Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”  (Read 1122 times)

0 Members and 1 Guest are viewing this topic.

http://arstechnica.com/security/2013/08/seemingly-benign-jekyll-app-passes-apple-review-then-becomes-evil/

Quote
Computer scientists say they found a way to sneak malicious programs into Apple's exclusive app store without being detected by the mandatory review process that's supposed to automatically flag such apps.

The researchers from the Georgia Institute of Technology used the technique to create what appeared to be a harmless app that Apple reviewers accepted into the iOS app store. They were later able to update the app to carry out a variety of malicious actions without triggering any security alarms. The app, which the researchers titled "Jekyll," worked by taking the binary code that had already been digitally signed by Apple and rearranging it in a way that gave it new and malicious behaviors.

"Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process," the researchers wrote in a paper titled Jekyll on iOS: When Benign Apps Become Evil. "Once the app passes the review and is installed on an end user's device, it can be instructed to carry out the intended attacks. The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code. Since the new control flows do not exist during the app review process, such apps, namely Jekyll apps, can stay undetected when reviewed and easily obtain Apple’s approval."

Apple representatives didn't immediately respond to a request for comment, but company spokesman Tom Neumayr told MIT Review that developers have made changes to the iOS operating system in response to issues identified in the paper. It remains unclear if the vulnerabilities have been completely fixed.

The Jekyll app was only active for a few minutes following it's launch in March and during that time it wasn't installed by anyone not involved in the experiment, the researchers said. The app had the ability to carry out a variety of malicious attacks, including stealthily sending tweets, e-mails, and text messages; stealing device ID numbers; taking photos; and attacking other apps. The app could also cause Apple's Safari browser to load booby-trapped websites.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
remember the days when you had total control of the devices you owned and the data contained therein?

must have been before my time

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.009 seconds with 23 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!