Malware Strikes Apple iOS App Store Again

tlhIngan writes "Well, it's happened again. Malware has slipped past Apple again and appeared in the iOS App Store. This time though, an iOS application came bundled with two Windows executables containing relatively old malware. It will not infect an iOS device nor Macs, but might affect Windows iTunes users. Looks like Apple needs to update their Windows malware scanner for iOS app submissions now."

A lot of work?

[Zibodiz]

This just seems like a lot of work to infect a windows PC. Especially considering the relatively good track record Apple has at preventing malware from appearing on their platform. I almost half wonder if this is more of a proof-of-concept for a bored hacker.

Re:A lot of work?

[Microlith]

Or more likely a case of ridiculous ineptness on behalf of the developer and incompetence on Apple's behalf. It is possible, despite protestations to the contrary.

Re:A lot of work?

[Ryanrule]

You are paying for software, and you get send a virus. You don't even know. It gets dropped into a folder you never even think to touch. Now this time, nothing happened. This time. If apple isn't firing people over this, then they do not know what they are doing.

Re:A lot of work?

[amicusNYCL]

Apple's incompetence? You are suggesting that Apple is responsible for detecting Malware that affects non-Apple OSes? Should they should look for Linux malware also?

If they're going to run a "curated" app store, then wouldn't it stand to reason that they actually curate their app store? If you can bundle any random files in your app that you want to, and Apple will approve the app, then Apple is distributing those files for you. You could bundle child porn images using whatever filenames you want even, add them into an otherwise frivolous app, put that on the app store for $.99, advertise it wherever those things are currently advertised with instructions about how to extract the images, and voila. Not only is Apple selling your child porn for you, but they're taking a cut of the profits.

So yeah, Apple sort of does have a duty to look at the files in the packages that people submit, regardless of whether they are specifically looking for malware or anything else, and regardless of what OS it targets. You would think an app package distributed with Windows .exe files would raise a red flag, but apparently not. Why is that? Hold on to your fragile Apple sensibilities, because it just may be due to incompetence in Apple screening the app packages.

...might affect Windows iTunes users?

[Anubis+IV]

The only way it might affect them is If they decide that they want to unpackage the app's .ipa package file, extract the two virus files, and then execute them, which only iOS developers and malware researchers might have a valid reason for actually doing. As they're currently packaged, however, they're entirely inert. They weren't even being flagged by Sophos and some of the other AV software out there because of how they were packaged and the fact that there was no way for them to execute.

This is a case of two inert files being accidentally bundled in an app package, which is a bit of a non-story, aside from the humorous aspect of it.

Re:...might affect Windows iTunes users?

[Anubis+IV]

As I said, the files are inert, so they're not causing errors. Even if the developer inserted an error for malicious reasons, there are easier ways to get malware installed on people's systems. For instance, post a download that will "fix" the problem on your website, then point users to it. Either way, as soon as Apple becomes aware of what's happening, they'll take the app down, which is exactly what happened here already, and the malware gets instantly identified by most AV software once it's removed from the package, so that's a non-starter as well.

What's with /.'s formatting?

[cpu6502]

I have both Lowbandwidth and Simple Design checked but it's still feeding me a complicated front page.

My Mac Sucks

I don't want to start a holy war here, but what is the deal with you Mac fanatics? I've been sitting here at my freelance gig in front of a Mac (a 8600/300 w/64 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Mac, the same operation would take about 2 minutes. If that.

In addition, during this file transfer, Netscape will not work. And everything else has ground to a halt. Even BBEdit Lite is straining to keep up as I type this.

I won't bore you with the laundry list of other problems that I've encountered while working on various Macs, but suffice it to say there have been many, not the least of which is I've never seen a Mac that has run faster than its Wintel counterpart, despite the Macs' faster chip architecture. My 486/66 with 8 megs of ram runs faster than this 300 mhz machine at times. From a productivity standpoint, I don't get how people can claim that the Macintosh is a superior machine.

Mac addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a Mac over other faster, cheaper, more stable systems.

Re:My Mac Sucks

[Concerned+Onlooker]

The 1990s just called. They want their post back.

Re:My Mac Sucks

Whooooooooosh!

Re:My Mac Sucks

[sootman]

That's a well-know old comment that has been posted many times over the years.
  Half a million matches on Google.
  20 on Slashdot alone.
... and many more that didn't get modded up enough for Google to see, or didn't use that exact whole line. It has also been parodied a lot.

Slightly overblown issue?

[EGSonikku]

From the sound of things this doesn't seem like an intentional attempt to infect users co punters via the App Store.

The iOS app itself is NOT malware, and works as its supposed to. The malware is for Win32, and can do nothing on an iOS device, or a Mac, is located deep inside the .app folder directory, and has no way of launching itself. The only way for it to spread, or even run at all would be:

Windows user browses to the iTunes backup folder
For no particular reason at all decides to extract the contents of the .app file
Decides to dig down a few directoies inside of that
Out of boredom decides to run the the infected .exe.

Rather than an intentional attempt to sneak Malware onto the App Store, it sounds more likely to me that the developer of the app was infected themselves, and unknowingly packaged it in the iOS app. Granted, Apple should be doing a virus scan before approving an App, but this malware is DOA barring the extremely unlikely scenario a user would have to do that I listed above for any chance of infection.

Re:Non-story

[EGSonikku]

No, it wouldn't be trivial. The end user would have to decompress the .ipa file manually on a PC, manually browse a few directories deep, and manually open the .exe.

There is no way for this malware to run itself at all, and a user would have to be intentionally TRYING to infect themselves for it to even run.

Re:Non-story

[EGSonikku]

Sigh, it is secure, or at least this "issue" doesn't show that it isn't secure. Even on a Windows PC, this app cannot infect you through iTunes. The ONLY WAY it can infect the user would be for the user to manually extract the contents of the .IPA (iPhone app), then dig through a bunch of folders, and then try to open the executable (and ignore warnings from Windows not to do so).

There is no way aside from that for this malware to install, infect, or spread.

Not really fair..

[anomaly256]

Did anyone else stop and think 'That's not really fair, Mountain Lion isn't THAT bad' when they read the headline?