Please login or register.

Login with username, password and session length
gfx gfx
76778 Posts in 13501 Topics by 1650 Members - Latest Member: insider4ever June 23, 2024, 08:15:11 pm
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”

Author Topic: Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”  (Read 1069 times)

0 Members and 1 Guest are viewing this topic.

Computer scientists say they found a way to sneak malicious programs into Apple's exclusive app store without being detected by the mandatory review process that's supposed to automatically flag such apps.

The researchers from the Georgia Institute of Technology used the technique to create what appeared to be a harmless app that Apple reviewers accepted into the iOS app store. They were later able to update the app to carry out a variety of malicious actions without triggering any security alarms. The app, which the researchers titled "Jekyll," worked by taking the binary code that had already been digitally signed by Apple and rearranging it in a way that gave it new and malicious behaviors.

"Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process," the researchers wrote in a paper titled Jekyll on iOS: When Benign Apps Become Evil. "Once the app passes the review and is installed on an end user's device, it can be instructed to carry out the intended attacks. The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code. Since the new control flows do not exist during the app review process, such apps, namely Jekyll apps, can stay undetected when reviewed and easily obtain Apple’s approval."

Apple representatives didn't immediately respond to a request for comment, but company spokesman Tom Neumayr told MIT Review that developers have made changes to the iOS operating system in response to issues identified in the paper. It remains unclear if the vulnerabilities have been completely fixed.

The Jekyll app was only active for a few minutes following it's launch in March and during that time it wasn't installed by anyone not involved in the experiment, the researchers said. The app had the ability to carry out a variety of malicious attacks, including stealthily sending tweets, e-mails, and text messages; stealing device ID numbers; taking photos; and attacking other apps. The app could also cause Apple's Safari browser to load booby-trapped websites.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
remember the days when you had total control of the devices you owned and the data contained therein?

must have been before my time

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Seemingly benign “Jekyll” app passes Apple review, then becomes “evil”

©2005-2024 All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.032 seconds with 26 queries.
Helios Multi © Bloc
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!