Researchers trumped Apple’s App Store approval procedure by selling ‘Jekyll’ malware test app. They had built this malicious app after obtaining permission and it showed the incompetence of Apple’s app approval system.
It appears to be a benign app at first sight. But looks can be deceiving. It contains a malicious code that can compromise any Apple device at a moment’s notice. After it was downloaded on to the iPhone it simply sent a message home and made the host phone its prey. The researchers who built it have named it 'Jekyll'. It can accomplish a variety of bad deeds. These include putting out Tweets, relaying email, text messaging, gaining access to personal data and ID numbers. And the list goes on and on. The basic fact that came out in the open was that the Apple team only ran its apps for a few seconds. That is why the malware was not detected at all.
That the researchers had managed to hoodwink Apple is no small feat. It shows a fatal flaw in Apple’s app system. The message these researchers wanted to deliver was that Apple should not be taken at face value. Cracks and fault lines in the superstructure could cause trouble in the future. The team has prepared a document on the matter that will be read and discussed at the Usenix Conference in Washington D.C. An Apple spokesperson has meanwhile said that Apple has taken the research into consideration and that it was going to fix the leak in the system.
Source: MIT Technology Review