Apple App Store screening process is no match for Jekyll malware

Thought Apple’s App Store was free of malware? Well, you wouldn’t be completely wrong, and the problem of malware on iOS certainly pales in comparison to the Android ecosystem. So far only one malicious app has been found live on the App Store, compared with thousands of Android apps that have been determined to be malicious.

Advocates of iOS have always maintained that Apple’s walled garden approach screens out malware before it can reach the App Store. But researchers have proven that not all apps are meticulously checked by Apple’s engineers and systems. Their app, disguised as a news app for Georgia Tech, contained pieces of code that, once assembled together upon installation, formed the malicious software. MIT Technology Review reports that the researchers put up a malicious app for sale in the App Store, and that the experiment shows Apple’s review process tests some apps for only a few seconds before letting them pass through to the store.

The few seconds that Apple spent testing the app weren’t long enough for the company to determine that it was indeed malware. This malware, which the researchers from Georgia Tech called Jekyll, could post tweets, send e-mails and text messages, steal data and device ID numbers, take photos, and also infect other safe apps. Had this malware been propagated by an attacker, it could have given them the liberty to do more damage to your device, because Jekyll could direct Safari, the default browser on the iPhone and iPad, to a website which could install more malware on the device.

Jekyll went live in March, but no regular users installed the app. Researchers installed the app through the App Store on their own devices, studied its capabilities and then withdrew it before it could do damage to unsuspecting iOS users.

“The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen,” said Long Lu, a Stony Brook University researcher who was part of the team at Georgia Tech, helmed by Tielei Wang, that submitted the paper which detailed Jekyll.

In response, an Apple spokesman, Tom Neumayr, said the company made some changes to iOS, which seemingly fixed the issues brought up by Jekyll, but shied away from commenting on Apple’s app review process.

Published Date: Aug 19, 2013 11:51 am | Updated Date: Aug 19, 2013 11:51 am