Researchers get malware app approved by Apple

updated 06:15 am EDT, Mon August 19, 2013

More questions raised about Apple app approval process

The security of Apple's App Store approval process has had its credibility challenged following revelations that it approved an app that was submitted by researchers with remotely assembled malware hidden in its code. According to Technology Review, the team from Georgia Tech monitored the app throughout the approval process and found that Apple only ran the app for a few seconds before approving it. This did give Apple the time to detect the malicious code which subsequently assembled into malware that could steal personal information, device IDs, photos as well as send texts and emails.

"The app did a phone-home when it was installed, asking for commands. This gave us the ability to generate new behavior of the logic of that app which was nonexistent when it was installed," said Long Lu, a member of the team at Georgia Tech, led by Tielei Wang. "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen," Lu asserted.

In May this year one of our editors, Sanjiv Sathiah, reported discovering two fake apps that had slipped through Apple's app approval process. Apple removed the apps upon being notified of their existence. At the time, MacNN contacted Apple regarding the two fake apps and spoke to Apple spokesperson Jesse James. James was not prepared to comment on how the apps were able to slip through Apple's app approval process, but was only prepared to state that the "Apple App Store is the only curated app store in the world."

by MacNN Staff



  1. msuper69

    Professional Poster

    Joined: 01-16-00

    I wonder if Apple will trigger the kill switch for this app.

  1. prl99

    Mac Enthusiast

    Joined: 03-24-09

    Developers complain about how long it takes to get their apps approved. Now this process will take even longer to make sure apps like this "research" app don't get through. I can see Apple shutting down the approval process like they did the developer website to change the entire process. I hope this team contacted Apple before spreading it all over the web. Wait, why would they? If they did they wouldn't get the recognition they were looking for.

  1. hayesk

    Professional Poster

    Joined: 09-17-99

    App reviews are held by regular people. And they don't have magic "code-monitoring" apps to watch if bad things happen (how do you define a "bad thing" anyway).

    Sometimes some get through, but when discovered, they are pulled pretty quickly.

  1. azrich

    Fresh-Faced Recruit

    Joined: 04-19-10

    prl99- check out the linked article. It says there that the only devices the app was installed on were the researchers' own, where the malware worked as designed. The article also says they took it down before anyone else could get it. I don't think these are glory seekers so much, but that's just my take on it.

    I'm glad these guys were the first to get one like this through vs some real bad coders. This shows the complexity of security in this day and age. It reminds me of messages encoded in JPG images being sent between spies.

  1. Marook

    Forum Regular

    Joined: 05-05-99

    Hmm, as far as I know, you are NOT allowed to fetch/build code not already in the App, so by doing this, they broke the developer agreement.. That's also why Java & Flash is not allowed!

    Wonder how they did that..

  1. prl99

    Mac Enthusiast

    Joined: 03-24-09

    azrich--it's called Steganography and I wonder if malware detection software actually checks for these types of things.


  1. Sandman619

    Fresh-Faced Recruit

    Joined: 07-28-06

    The issue here is that Apple's iOS terms do not permit apps to download remote code. This is probably more of an honor system, since there probably isn't any way to prevent this from happening, since it is controlled on the developer side. Apps designed this way would be hard to detect, since the developer would not execute such code until after the app is approved. Apple would probably need to conduct a post-approval app review if they want to catch these apps.

  1. broohaha22

    Fresh-Faced Recruit

    Joined: 07-07-06

    "This did give Apple the time to detect the malicious code which subsequently assembled into malware that could steal personal information, device IDs, photos as well as send texts and emails."

    I think this should have said "This did NOT give Apple the time to detect the malicious code...."
