Researchers have been trying to sneak malicious software onto the App Store to expose holes in Apple's iOS security system for a while now. Well, a team at Georgia Tech led by Tielei Wang managed to do just that a few days ago, sneaking malware onto Apple's marketplace disguised as your average news reader.
The Georgia Tech researchers programmed the app, dubbed Jekyll, to connect with their servers once approved, allowing it to repurpose itself as malware. The app was then able to send texts and emails as well as make calls and even restart the device.
The app was published on the App Store long enough for the research group that created it to successfully install it on their devices. The group then immediately removed it themselves. They said that Apple only tested the app for a few seconds before allowing it through.
The purpose of Jekyll is to highlight that the "Apple review process is mostly doing a static analysis of the app," according to the researchers, which "is not sufficient because dynamically generated logic cannot be very easily seen." The group also says there is a good chance that malicious apps are still floating around on the App Store undetected.
In response to the results published last week, Apple said it has made changes to iOS security based on data from the Georgia Tech researchers. How much of a difference this will make is unclear, but this certainly isn't the first time this has happened.
Twitter employee and retired NSA analyst Charlie Miller landed himself in some hot water with Apple back in 2011 for exposing security flaws in a similar fashion. His app looked like your average stock checker, but under the hood it was able to retrieve running processes and address book data, among other things.