Apple iOS 6 (teaser 001)

Apple’s iOS is generally considered the most reliable and secure mobile platform out there, so it’s little wonder that iPhones and iPads are the gadgets of choice for mobile workers everywhere. Despite its Unix underpinnings, iOS of course isn’t bullet-proof – no software is. But unlike Google’s malware-infested Android, you don’t hear every day about an iOS weakness so fatal it opens the door to malware.

Unfortunately, today is precisely that day as researchers from the Georgia Tech Information Security Center (GTISC) publish details about a newly discovered iOS vulnerability that allows malware installation via seemingly innocuous apps.

The weakness circumvents Apple’s security measures and paves the way to “significant security threats to the iOS platform.” We’re expecting a swift response on Apple’s part and a fix via a future update…

According to a media release Georgia Tech put out last week, researcher Billy Lau and his team showed off the security exploit at Black Hat.

The iOS weakness, they explain, allows attackers to sneak malware past Apple’s app review process and install it onto iOS devices silently, without you being aware of any suspicious activity.

Wang’s approach hides malicious code that would otherwise get rejected during the Apple review process. Once the malicious app passes review and is installed on a user’s device, it can be instructed to carry out malicious tasks.

Theoretically, a third-party iOS app like Facebook could be the carrier of malware.

The team introduced a proof-of-concept attack called Jekyll that rearranges its own code to create new functionality that is not exhibited during Apple’s approval process.

“This allows the malicious aspects of the app to remain undetected when reviewed and therefore obtain Apple’s approval,” the release reads.

They were able to publish a malicious app and use it to remotely launch attacks on a controlled group of devices.

Our research shows that despite running inside the iOS sandbox, a Jekyll-based app can successfully perform many malicious tasks, such as posting tweets, taking photos, sending email and SMS, and even attacking other apps – all without the user’s knowledge.

Apple has apparently “indicated that it is continuing to work on ways to address the weaknesses revealed through Jekyll,” Georgia Tech’s press release claims.

At any rate, this Jekyll method should be enough to give Apple pause, especially given the bragging in Apple’s 2012 white paper, which sings the praises of iOS devices for providing “stringent security technology and features”.

The report also mentions another recently discovered iOS weakness that uses a proof-of-concept malicious charger and a single-board computer to stealthily install a malicious app.

For what it’s worth, iOS 7 has fixed that vulnerability.

The researchers will publish their findings at the upcoming USENIX Security 2013 conference that runs on August 14–16, 2013 in Washington, D.C.

In the meantime, Apple is hoping to take iOS security to the next level this fall with a bunch of capabilities like Activation Lock, a new iOS 7 feature that renders stolen devices useless by denying carrier activation, even after the thief has wiped the device clean of data or disabled the Find My iPhone service.

  • Liam Mulcahy

    well I guess I’m not updating or getting any new apps

  • Taf Khan

    Could the jail break community take advantage of such vulnerabilities?

    • EpicFacepalm

      I think not

  • ✪ aidan harris ✪

    “such as posting tweets, taking photos, sending email and SMS, and even attacking other apps – all without the user’s knowledge.”

    I thought iOS asked though before any of the above can be done e.g. XYZ app is requesting access to your twitter account…

    • K▲DE

      They can bypass it.

      • ✪ aidan harris ✪

        How though? I’m not denying their claim but if all they have is a proof of concept it’s hardly malware is it? Did they even submit an app to the AppStore containing any ‘malicious’ (I write it with inverted quotes to symbolise the fact that since they’re security researchers they probably wouldn’t put anything actually malicious in the app yet the behaviour exhibited would still probably be unintentional from the user’s perspective) code proving that their methods can work and can make it into the AppStore? Also I’m not denying that they can bypass iOS’s built in privacy settings but if they can then they are some truly talented security researchers and I bet the jailbreak community would be happy to have them…

    • K▲DE

      They bypassed it

  • Yunsar

    Could this be an opportunity for the 6.1.3 jailbreak?

    • StarViruZ

      No, it’s malware injection on the vulnerability and Apple might notice that, and you know what’s next. Also jailbreakers aren’t stupid to throw away their holy exploits they have. So don’t expect 6.1.3 until iOS 7 is released.

  • Joseph


    For the last damn time Christian, no one gives a flying crap about Android when we’re reading about iOS vulnerabilities. We all know that it has malware, and now you’re just plainly antagonizing Android users who read this blog and don’t try to start flame wars.

    • Dragonballz

      Hey dude shut up I think you are an Android user so that’s why you are saying all this stuff

      And if you don’t want people talking about Android then get an iOS device no one will talk about iOS devices


      • Guest

        Hey ignoramus fantard, he’s an iOS user who does his thinking himself and is just informing iDB bloggers to stop writing biased fanboy articles that ignite flame wars. But never expected you to realise that, ’cause you seem to have developed a fukn brilliant thinking process that takes any unbiased post as Android fanboy post…

      • Joseph

        Yes, I do. I have a Nexus 7. I also have an iPod touch 4G. I come here to read articles about iOS and not constantly be bashed every other freaking article. I know this is a fan blog, but this is just getting outrageous.

        Also, thanks, MrElectrifyer.

    • KC

      Agreed. The sentence with Android mentioned could’ve easily been left out and it wouldn’t have changed the tone, content or effectiveness of the article at all. But it’s just enough to cause more annoying “us vs. them” numbskull comments.

      As hard as it is for some diehard iOS fans to believe, there are some of us who use products for both OS’s and are ok with their differences, and don’t feel the need to choose sides.

    • Gus Me

      I understand what he’s trying to say. A lot of people here complain about other companies bashing Apple, saying they’re better, copying ads, etc… but have no issues when Android, MS, Samsung and the likes get bashed or written about negatively. I think he’s just saying that “Google’s malware-infested Android” doesn’t really add anything to what’s being reported here, but I could be wrong.

    • Taf Khan

      So what is the main reason for android users on this here blog… ? I often wondered, that’s all.

      When the competition in the media and the courts etc is so intense between the two, surely you have to accept the same will always exist… . especially on a tech blog!

      • Kurt

        Android users can’t be iOS users also? Whoa I always thought it was possible. Thanks for correcting my false understanding of OS usage

      • Taf Khan

        So you are like sitting on the fence then.. .

        Read again, hope that makes the point that bit clearer for you.

      • Kurt

        Good boy you fixed your mistake. Thanks for the thumbs down. Generous of you!

      • Taf Khan

        Well actually it’s difficult hitting that reply option on my iPhone… That was an error. But you are welcome.

  • Thanks for this. I was having a debate with a friend last night of the rampantness of Android malware (especially in emerging markets) and how it’s virtually non-existent on iOS.

  • audioteck

    Is it safe to update ?