Malware Scare in Apple iOS App Store
CREDIT: Sascha Burkard/Shutterstock.com/Apple, Inc. Image composite by SecurityNewsDaily.
A potentially dangerous piece of malware has been found hidden in an iOS app available in the iTunes app store.
Apple's App Store is supposed to be malware-free, which means that this little line of code has got security experts and Apple fans in quite the tizzy.
But wait — the malware in question originates from a Windows computer, so it's harmless on iOS devices, and probably found its way into the app by accident.
Here's what happened: A reader of the Apple-centric magazine Macworld was the first to report that a free malware detector called Bitdefender Virus Scanner detected potential malware in an app called Simply Find It, which is sold in the iOS App Store for $2.
Macworld's bloggers investigated, and by unzipping the app and exploring its file contents, they were able to locate the offending line of code in one of the game's music files:
This type of code, called an iFrame, creates a link between a remote website — in this case, an inactive Chinese site — and the device on which the app is downloaded. Scammers could exploit this connection to put all sorts of nasty things on your device.
However, downloading Simply Find It presents no current threat, because the malicious line of code is inactive in the game's script, and the embedded website — though it has been known as a source of malware in the past — isn't live.
[See also: Five Apple Security Myths — and the Hard Truths]
Still, it didn't look too good for Apple — until Bitdefender took a closer look and found that the bad iFrame was injected into the app by a type of malware found in Windows computers.
In other words, the developers of Simply Find It coded their iOS game on a Windows computer, where one of their music files became corrupted by a type of Windows-specific malware.
These types of malware work by embedding dangerous links in HTML or HTM file documents. In the case of Simply Find It, the iFrame was accidentally attached to an MP3 file, where it could not take effect.
Seems like Apple's in the clear, then: Not only was the iFrame inactive, but it originated from a Windows computer.
Still, the whole hullaballoo is a reminder that Apple hasn't revealed how it checks its apps for potential malware. The tech giant has always been tight-lipped about its approval process, but because it was working, no one complained too much.
Maybe now that the dam has cracked — even a little bit — developers and security experts will be more insistent in asking Apple just how it polices its App Store.