Security expert finds Apple apps-software bug


App Store 2

CUPERTINO (California): A software flaw in Apple Inc’s iPhones and iPads may allow hackers to build apps that secretly install programs to steal data, send text messages or destroy information, according to an expert on Apple device security.

Charlie Miller, a researcher with Accuvant Labs who identified the problem, built a prototype malicious program to test the flaw. He said Apple’s App Store failed to identify the malicious program, which made it past the security vetting process.

There is as yet no evidence that hackers have exploited the vulnerability in Apple’s iOS software. But Miller said his test demonstrated that there could be real malware in the App Store.

“Until now you could just download everything from the App Store and not worry about it being malicious. Now you have no idea what an app might do,” Miller said.

He said he proved his theory by building a stock-market monitoring tool, InstaStock, that was programed to connect to his server once downloaded, and to then download whatever program he wants.

(To see a YouTube video demonstration of the technique, go to http://bit.ly/vLSbvC)

Apple did not respond to requests for comment.

Miller, who in 2009 identified a bug in the iPhone text-messaging system that allowed attackers to gain remote control over the devices, said that he had contacted the company about the vulnerability.

“They are in the process of fixing it,” he said.

Miller is scheduled to present his detailed research at the SyScan 2011 security conference in Taiwan next week. — Reuters

++++ www.syscan.org/index.php/tw/speakers

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
   

Next In Tech News

Crypto currency ether rises to new record high
U.S. broadband industry accused in 'fake' net neutrality comments
Oculii, radar software maker for autonomous vehicles, raises $55 million
Nikola may seal order for 100 EVs from port trucking firm
North American companies buying more robots to keep up with demand
Facebook’s oversight board: Watchdog or distraction?
Self-driving startup Aeva says its sensor can detect vehicles over 500m away
The Bill & Melinda Gates Foundation is spending millions in China, a fraction of its total funding
‘Get out of Thailand’ online campaign gains real-world momentum as Covid grows
Hong Kong woman conned out of HK$20mil by phone scammers impersonating police

Stories You'll Enjoy


Vouchers