Security

Apple's iOS App Store has more Windows malware

An old Windows worm is embedded in an iOS App, but the question remains, how did it get there?

Topher Kessler over on sister site ZDNet notes that a Windows malware worm has been found embedded in an application being distributed in Apple's App Store for iOS. The malware can be found in the free Instaquotes Quotes Cards for Instagram app, so you may want to avoid that app until a clean version is made available.

The malware in question is an old worm identified as Worm.VB-900. The fortunate thing is that the worm is old enough to be recognized as malware by just about any up-to-date anti-virus program you can think of, so the risk is minimal. In fact, it won't effect iOS or OS X at all, but only users who manage their iOS Apps using iTunes and a Windows PC.

The curious thing for me is to wonder how such an old, low-threat worm ended up in an iOS App in the first place. It is difficult to imagine someone put it there deliberately. I mean, to what end? What would this malware accomplish?

But, if it was not put there deliberately, how did it get there? Anyone care to speculate?

About

Mark Kaelin is a CBS Interactive Senior Editor for TechRepublic. He is the host for the Microsoft Windows and Office blog, the Google in the Enterprise blog, the Five Apps blog and the Big Data Analytics blog.

5 comments
geoff.schardein
geoff.schardein

...the joke is what is worse then finding a Worm in an Apple? Finding half a Worm...This applies in this case because while it is a Worm it does not effect iOS directly. As to the how and why there is such a a Worm I would speculate that either code was reused that was contaminated and not caught in a code review; assuming a code review even occurred. Optionally the Worm was resident on the developers system and was not caught though that does seem as likely.

to_be_announced
to_be_announced

It's a conspiracy. Microsoft must have put it there to try and harm Apples reputation. **sarcasm**

HAL 9000
HAL 9000

Much more likely that a Infected machine was used to write the app or do something to it and it infected the app that way. I've seen instances like this previously where an infected machine used to edit a CD Image for a very high end, expensive piece of software was infected and this was passed onto the Image manufactured into the Customer Release CD for that software. 13 different infections where on that CD and would have infected any machine that it was put into and the Setup EXE run. This is just the same thing happening all over again where [b]Sloppy Housekeeping[/b] is adversely affecting the final product. Personally I would not be surprised if the problem machine didn't even run some form of Windows and the worm was doing no harm on it. ;) Even today how many AV Products scan for problems that are not related to the OS that they are running on? It wouldn't be hard to engineer a problem to sit harmlessly on an alternative platform and work just like this. Sits on a Apple Platform doing nothing at all and the AV/Malware Scanner doesn't look for it as it's not a Recognized Infection that affects that platform. Of course it could always be a [b]Proof of Concept[/b] that got loose by mistake. :D Col

CShannon69
CShannon69

Someones idea of a joke.... WORMS do hide in APPLES

Mark W. Kaelin
Mark W. Kaelin

How does an old Windows worm get into a modern iOS App?