Researchers Show How Apple's App Approval Process Can Be Beaten by Malicious Apps

by

NewImageResearchers from Georgia Tech submitted to the App Store and received approval for a malicious app, according to Technology Review. The researchers submitted an innocuous app that included inactive malware-type code hidden from Apple's app approval system.

When downloaded onto a test device after the app was approved, the app 'phoned home' and gained a variety of abilities that compromised the host phone.

This malware, which the researchers dubbed Jekyll, could stealthily post tweets, send e-mails and texts, steal personal information and device ID numbers, take photos, and attack other apps. It even provided a way to magnify its effects, because it could direct Safari, Apple’s default browser, to a website with more malware.

The researchers, including Long Lu, a Stony Brook University researcher who was part of the team at Georgia Tech, only put the app on the App Store very briefly and it was not downloaded by anyone other than research team members.

The team said that using monitoring code built into the app, they determined that Apple's app approval team only ran the app for a few seconds and that malicious code was not discovered by Apple's team. "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen," said Lu.

Apple spokesman Tom Neumayr told Technology Review that the company made some changes to the iOS operating system in response to the paper, though he did not specify what the changes were.

Popular Stories

iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

New iPhone 17 Pro Details: Brighter Display, Best Battery Life, and More

Wednesday September 3, 2025 5:33 am PDT by
Apple's iPhone 17 Pro and iPhone 17 Pro Max models will feature a number of significant display, thermal, and battery improvements, according to new late-stage rumors. According to the Weibo leaker known as "Instant Digital," the iPhone 17 Pro models will feature displays with higher brightness, making it more suitable for use in direct sunlight for prolonged periods. The iPhone 16 Pro and...
Read Full Article68 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 Pro Clear Case Leak Reveals Three Key Changes

Sunday August 31, 2025 1:26 pm PDT by
Apple is expected to unveil the iPhone 17 series on Tuesday, September 9, and last-minute rumors about the devices continue to surface. The latest info comes from a leaker known as Majin Bu, who has shared alleged images of Apple's Clear Case for the iPhone 17 Pro and Pro Max, or at least replicas. Image Credit: @MajinBuOfficial The images show three alleged changes compared to Apple's iP...
Read Full Article81 comments
iphone 16 pro ghost hand

iPhone 17 Pro: 5 Reasons Not to Upgrade This Year

Monday September 1, 2025 4:35 am PDT by
Apple will launch its new iPhone 17 series this month, and the iPhone 17 Pro models are expected to get a new design for the rear casing and the camera area. But more significant changes to the lineup are not expected until next year, when the iPhone 18 models arrive. If you're thinking of trading in your iPhone for this year's latest, consider the following features rumored to be coming to...
Read Full Article114 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 and iPhone 17 Pro Prices Estimated Ahead of Apple Event Next Week

Tuesday September 2, 2025 1:50 pm PDT by
Just one week before Apple is expected to unveil the iPhone 17 series, an analyst has shared new price estimates for the devices. Here are J.P. Morgan analyst Samik Chatterjee's price estimates for the iPhone 17 series in the United States, according to 9to5Mac: Model Starting Price Model Starting Price Change iPhone 16 $799 iPhone 17 ...
Read Full Article58 comments
iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article62 comments
iOS 18 on iPhone Arrow Down

Apple Preparing iOS 18.7 for iPhones as iOS 26 Release Date Nears

Sunday August 31, 2025 4:35 pm PDT by
Apple is preparing to release iOS 18.7 for compatible iPhone models, according to evidence of the update in the MacRumors visitor logs. We expect iOS 18.7 to be released in September, alongside iOS 26. The update will likely include fixes for security vulnerabilities, but little else. iOS 18.7 will be one of the final updates ever released for the iPhone XS, iPhone XS Max, and iPhone XR,...
Read Full Article47 comments
iPhone 17 Pro on Desk Centered 1

Survey: Nearly 70% of Users Plan to Upgrade to iPhone 17

Monday September 1, 2025 8:24 am PDT by
A new survey has found that nearly seven in ten iPhone owners in the United States plan to upgrade to an iPhone 17 model, signaling strong demand ahead of Apple's expected unveiling of the devices at its September 9 keynote. Smartphone price comparison platform SellCell surveyed over 2,000 U.S.-based iPhone users in August to assess upgrade interest and brand loyalty before Apple's event....
Read Full Article210 comments

Top Rated Comments

Shrink Avatar
Shrink
157 months ago
I've come to a conclusion that all these analysts / researchers lack any thrill in their lives ..all they want to see is apple or any other company fail ..
I don't understand how pointing out a flaw that can be fixed represents a desire to see Apple fail.:confused:
Score: 12 Votes (Like | Disagree)
rmwebs Avatar
rmwebs
157 months ago
Sorry, I thought this was already public knowledge. Any app developer can embed malicious code, then have it 'turn on' at a specific time. There is no code check, Apple only launch the app - they never get a copy of the source code of each app so have no way of knowing what's inside of it.

The only way this will ever change is if the compilation of the apps is done on Apple servers.
Score: 11 Votes (Like | Disagree)
darster Avatar
darster
157 months ago
Hats off to Georgia Tech!
Score: 8 Votes (Like | Disagree)
Dr McKay Avatar
Dr McKay
157 months ago
Brace yourself. This Thread is about to turn into such a heated debate not even the Marshmallows will survive. :cool:
Score: 7 Votes (Like | Disagree)
JayCee842 Avatar
JayCee842
157 months ago
Fortunately with Apple's system - if something malicious is discovered it can be quickly pulled before harming anyone else.

Try getting the word out about a bad program and having it's website pulled. Much tougher as proven by all the spyware windows applications available.

Too bad this malicious malware wasn't discovered.
Score: 5 Votes (Like | Disagree)
fluchtpunkt Avatar
fluchtpunkt
157 months ago
As long as they reported the issue to Apple privately long before dangling a treat in front of criminals.

Well, the fact that you can deactivate malicious code in your app until your app passed Apples review is well known to basically everyone who writes software.

Does anybody remember HiddenApps (https://www.macrumors.com/2013/03/11/hiddenapps-hides-stock-apps-iads-and-more-on-non-jailbroken-ios-devices/), the app that could be used to hide app icons on your device?
That app fetched a file from a webserver, if the file said "hide malicious code" the app showed some useless tricks on how to save battery. Once the app passed review the file said "do evil stuff" and the app executed the parts that would have lead to an rejection immediately.

There is no way to catch all evil code in an App. Not even access to the source code will make you a hundred percent safe. Because you have to read and understand it all to make a judgement. Ain't nobody got time for that.
Score: 4 Votes (Like | Disagree)
Read All Comments