"Jekyll" Test Attack Sneaks Through Apple App Store, Wreaks Havoc
An anonymous reader writes "A malware test app sneaked through Apple's review process disguised as a harmless app, and then re-assembled itself into an aggressive attacker even while running inside the iOS 'sandbox' designed to isolate apps and data from each other. The app, dubbed Jekyll, was helped by Apple's review process. The malware designers, a research team from Georgia Institute of Technology's Information Security Center, were able to monitor their app during the review: they discovered Apple ran the app for only a few seconds, before ultimately approving it. That wasn't anywhere near long enough to discover Jekyll's deceitful nature."
Re:I call bullshit on "unaware" claims (Score:5, Informative)
Read the paper - they watched the interaction in a debugger to find the right messages to send to the right private classes in order to bypass this.
This only worked with iOS 5 - last year Apple moved sheets like these into external processes and used a proxy view controller to show them in applications instead of embedding the functionality directly, so attacks like this aren't possible any more where this technique has been used.
I agree that this is somewhat sensationalised, but they were able to do this without the normal user approval in the 4% or so of people still running a two-year-old version of iOS.
Re:Apple review process = a few seconds? (Score:5, Informative)
You can go without a middleman for Android apps. All Android devices allow you to install APKs.
Now that is a large difference to iOS or Windows Phone.
If you don't see the difference then you're a fucking moron, the other OS allows you to point to a file on any fucking webserver and the other doesn't. The other platform allows you to install anything without the device (or OS) manufacturer greenlighting the app while the other censors whatever the fuck it wants that week to censor.
Aha (Score:3, Informative)
I looked for the paper but could not find the link. Thanks for the extra info.
As I thought, they did not break the sandbox at all. Attacks that don't work in iOS 6 are irrelevant at this point...
It's totally sensationalized. It remains true there's no way a real app can "wreak havoc" even if you inject code later.
Re:BUT MACS DON'T GET ... (Score:5, Informative)
Re:I call bullshit on "unaware" claims (Score:5, Informative)
Some items only worked in iOS 5.
Based on Table 1 from their paper here [usenix.org], the following items could be accomplished by their app on iOS 6:
- posting tweets
- using the camera
- dialing
- using bluetooth
- crashing safari
- stealing device
It was only sending SMS messages, sending email, and rebooting the system that were limited to iOS 5.