Apple’s App Store has a much better reputation for security than Google Play but that may not last long if more hackers take advantage of a new flaw discovered by a team of researchers at Georgia Tech. Technology Review reports that the researchers successfully posted a malicious app to the App Store that contained fragmented pieces of code that only assembled themselves into malware after users had installed the app. The researchers say that they were able to get away with this because Apple apparently only ran the app for a few seconds before deciding that it was safe and sending it along to the App Store.
“The app did a phone-home when it was installed, asking for commands,” explains Long Lu, a Stony Brook University researcher who helped out the team at Georgia Tech. “This gave us the ability to generate new behavior of the logic of that app which was nonexistent when it was installed… The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen.”
Marc Rogers, a researcher at mobile security firm Lookout, tells Technology Review that such apps present major problems for all mobile platforms because companies may have to constantly monitor all apps that have been installed on customers’ phones to keep their app ecosystems malware-free.