Slashdot Mirror
Malware Strikes Apple iOS App Store Again
tlhIngan writes "Well, it's happened again. Malware has slipped past Apple again and appeared in the iOS App Store. This time though, an iOS application came bundled with two Windows executables containing relatively old malware. It will not infect an iOS device nor Macs, but might affect Windows iTunes users. Looks like Apple needs to update their Windows malware scanner for iOS app submissions now."
Or more likely a case of ridiculous ineptness on behalf of the developer and incompetence on Apple's behalf. It is possible, despite protestations to the contrary.
The only way it might affect them is If they decide that they want to unpackage the app's .ipa package file, extract the two virus files, and then execute them, which only iOS developers and malware researchers might have a valid reason for actually doing. As they're currently packaged, however, they're entirely inert. They weren't even being flagged by Sophos and some of the other AV software out there because of how they were packaged and the fact that there was no way for them to execute.
This is a case of two inert files being accidentally bundled in an app package, which is a bit of a non-story, aside from the humorous aspect of it.
I don't want to start a holy war here, but what is the deal with you Mac fanatics? I've been sitting here at my freelance gig in front of a Mac (a 8600/300 w/64 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Mac, the same operation would take about 2 minutes. If that.
In addition, during this file transfer, Netscape will not work. And everything else has ground to a halt. Even BBEdit Lite is straining to keep up as I type this.
I won't bore you with the laundry list of other problems that I've encountered while working on various Macs, but suffice it to say there have been many, not the least of which is I've never seen a Mac that has run faster than its Wintel counterpart, despite the Macs' faster chip architecture. My 486/66 with 8 megs of ram runs faster than this 300 mhz machine at times. From a productivity standpoint, I don't get how people can claim that the Macintosh is a superior machine.
Mac addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a Mac over other faster, cheaper, more stable systems.
From the sound of things this doesn't seem like an intentional attempt to infect users co punters via the App Store.
The iOS app itself is NOT malware, and works as its supposed to. The malware is for Win32, and can do nothing on an iOS device, or a Mac, is located deep inside the .app folder directory, and has no way of launching itself. The only way for it to spread, or even run at all would be:
Windows user browses to the iTunes backup folder .app file .exe.
For no particular reason at all decides to extract the contents of the
Decides to dig down a few directoies inside of that
Out of boredom decides to run the the infected
Rather than an intentional attempt to sneak Malware onto the App Store, it sounds more likely to me that the developer of the app was infected themselves, and unknowingly packaged it in the iOS app. Granted, Apple should be doing a virus scan before approving an App, but this malware is DOA barring the extremely unlikely scenario a user would have to do that I listed above for any chance of infection.
- "Scientia non habet inimicum nisp ignorantem"
You are paying for software, and you get send a virus. You don't even know. It gets dropped into a folder you never even think to touch. Now this time, nothing happened. This time. If apple isn't firing people over this, then they do not know what they are doing.