Apple Approved Jekyll App Aimed to Destroy iOS


Apple is certainly still feeling some embarrassment after the latest weakness discovered by local researchers. Tielei Wang, a researcher from Georgia Tech, and Long Lu, a security researcher at Stony Brook University, decided to challenge Apple's app screening process. The team worked together to devise Jekyll, an app that appears harmless yet transforms into an attacker once it has passed Apple's app approval. Once inside, its malicious behavior begins, aimed at destroying iOS.

Wang shared, “Our research shows that despite running inside the iOS sandbox, a Jekyll-based app can successfully perform many malicious tasks, such as posting tweets, taking photos, sending email and SMS, and even attacking other apps – all without the user’s knowledge.” In addition, per Network World, the app could direct “Apple’s default Safari browser to reach out for new malware from specific Websites created for that purpose.”

Lu and Wang received the initial approval from Apple

The researchers monitored the path of the app and saw that, after a few seconds, Apple approved the app into the iOS “sandbox.” At the Black Hat conference earlier this month, the team revealed two different pieces of malicious, transforming code introduced into iOS. The researchers admitted that Apple was not their intended target, but the system readily accepted the code. Without the researchers' supervision, and in the wrong hands, this could have led to the destruction of other apps.

In the wrong hands, the malicious app could have released multi-device destruction

Those wondering whether anyone downloaded the app need not worry. Lu states that the app was withdrawn and that no one downloaded the malicious item during review. The researchers documented their findings and suggestions for Apple in scholarly journals. Apple has taken the findings to heart and has reportedly altered its screening process for approval. Technology Review states that there are “well over 600 million devices that run iOS (iPhones, iPads, and iPod Touches), yet only a handful of malicious apps have been discovered.”

The ratio is very small, but this weakness shows that even one well-crafted malicious app can create a multitude of issues within iOS. Lu wanted to make sure Apple received this message: “The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen.”

Apple spokesman Tom Neumayr has declined to detail the approval process but reaffirmed that, as stated earlier, changes were made to strengthen the screening process. The technology developed by the researchers took center stage at the Black Hat conference, a gathering that highlights the brightest minds in the tech world and embarrasses many technology companies.

Discoveries like these are better off in the hands of good guys like Lu and Wang. Hackers looking to infiltrate iOS could create a domino effect that spreads to hundreds of millions of customers. As if this malware-tainted app weren’t enough, the Georgia Tech team also presented on how they were able to infect an iOS device with a charger: a third-party creation that appears to be a USB charger but houses malware that is inserted into the device once it is connected. One can only hope Apple isn’t more concerned about pride than security.

Angelina Bouc

Source: Scholarly paper Jekyll on iOS: When Benign Apps Become Evil
