MIT Researchers Manage To Sneak A Malware Named Jekyll In An Application Published In App Store

By
On August 17, 2013

Researchers from the prestigious M.I.T. set out to demonstrate that the App Store's application review process is not as safe as the company claims, and according to them the test was a success. They relied on the fact that Apple's automated review programs spend only a few seconds checking each application, and so managed to slip an extremely dangerous application into the App Store. It contained fragments of code that were assembled on a command from a remote server, and once assembled the application turned into a dangerous weapon.

This wasn’t long enough for Apple to notice that an app that purported to offer news from Georgia Tech contained code fragments that later assembled themselves into a malicious digital creature. This malware, which the researchers dubbed Jekyll, could stealthily post tweets, send e-mails and texts, steal personal information and device ID numbers, take photos, and attack other apps. It even provided a way to magnify its effects, because it could direct Safari, Apple’s default browser, to a website with more malware.

Once the malicious code is assembled, the application can post tweets on its own, send e-mails or text messages, steal personal information and the identifying serial numbers of devices, steal pictures, and attack other applications, including Safari, which it redirected to a website full of malware. After installation the application connects to the researchers' servers, from which they can control it at will and attack anyone, at any time, using only a few simple commands.

The application was live in the App Store for only a few minutes, during which the researchers downloaded it and attacked their own devices to demonstrate its functionality. The researchers argue that the current review process relies only on static analysis of an application's code, so malware can easily be hidden inside logic that belongs to the app's normal functionality. They want Apple to change its criteria for vetting applications, but that will probably not happen.