Follow this blog:: RSS; Email Alert

iOS App Builder

Apple’s iOS App Store has more Windows malware

July 24, 2012, 11:11 AM PDT

Takeaway: An old Windows worm is embedded in an iOS App, but the question remains, how did it get there?

Topher Kessler over on sister site ZDNet notes that a Windows malware worm has been found embedded in an application being distributed in Apple’s App Store for iOS. The malware can be found in the free Instaquotes Quotes Cards for Instagram app, so you may want to avoid that app until a clean version is made available.

The malware in question is an old worm identified as Worm.VB-900. The fortunate thing is that the worm is old enough to be recognized as malware by just about any up-to-date anti-virus program you can think of, so the risk is minimal. In fact, it won’t effect iOS or OS X at all, but only users who manage their iOS Apps using iTunes and a Windows PC.

The curious thing for me is to wonder how such an old, low-threat worm ended up in an iOS App in the first place. It is difficult to imagine someone put it there deliberately. I mean, to what end? What would this malware accomplish?

But, if it was not put there deliberately, how did it get there? Anyone care to speculate?

Get IT Tips, news, and reviews delivered directly to your inbox by subscribing to TechRepublic’s free newsletters.

About Mark Kaelin

Welcome to iOS App Builder

ARC simplifies iOS memory management

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

See All Comments

Staff Picks
Top Rated
Most Recent
My Contacts

No messages found

14 Votes

+ -

How does an old Windows worm get into a modern iOS App?

CShannon69 24th Jul

Someones idea of a joke.... WORMS do hide in APPLES

View in thread

0 Votes

+ -

Close but..

geoff.schardein@... 27th Jul

...the joke is what is worse then finding a Worm in an Apple? Finding half a Worm...This applies in this case because while it is a Worm it does not effect iOS directly. As to the how and why there is such a a Worm I would speculate that either code was reused that was contaminated and not caught in a code review; assuming a code review even occurred. Optionally the Worm was resident on the developers system and was not caught though that does seem as likely.

View in thread

0 Votes

+ -

conspiracy

to_be_announced 25th Jul

It's a conspiracy. Microsoft must have put it there to try and harm Apples reputation. **sarcasm**

View in thread

0 Votes

+ -

Moderator

I very much doubt it was deliberate

HAL 9000 Updated - 24th Jul

Much more likely that a Infected machine was used to write the app or do something to it and it infected the app that way.

I've seen instances like this previously where an infected machine used to edit a CD Image for a very high end, expensive piece of software was infected and this was passed onto the Image manufactured into the Customer Release CD for that software. 13 different infections where on that CD and would have infected any machine that it was put into and the Setup EXE run.

This is just the same thing happening all over again where Sloppy Housekeeping is adversely affecting the final product. Personally I would not be surprised if the problem machine didn't even run some form of Windows and the worm was doing no harm on it. wink

Even today how many AV Products scan for problems that are not related to the OS that they are running on? It wouldn't be hard to engineer a problem to sit harmlessly on an alternative platform and work just like this. Sits on a Apple Platform doing nothing at all and the AV/Malware Scanner doesn't look for it as it's not a Recognized Infection that affects that platform.

Of course it could always be a Proof of Concept that got loose by mistake. grin

Col

View in thread

Once logged in, adding contacts is simple. Just mouse over any member's photo or click any member's name then click the "Follow" button. You can easily manage your contacts within your account contacts page.

See all comments