Yesterday it was discovered that a Windows worm was embedded inside an iOS application. The app, called "Instaquotes-Quotes Cards for Instagram," was available in the iOS App Store from July 19 through July 24. It contained two infected files:
Instaqoutes 1.0.ipa:Payload:Instaqoutes.app:FBDialog.bundle:FBDialog.bundle.exe
Instaqoutes 1.0.ipa:Payload:Instaqoutes.app:FBDialog.bundle:images:images.exe
This is unlikely to have caused any actual harm to anyone's systems given that iPhones and iPads can't run Windows programs, and any Windows user who may have downloaded the infected iOS app would have had to manually extract an .exe file and consciously decide to run it on his or her PC.
The most interesting part of this discovery is that it seems to indicate that Apple may not be scanning apps for viruses as part of its vetting process. Let's hope Apple adds this to the app approval checklist right away.
Please see my article at Sophos Naked Security for more details.
Meanwhile, Mac antivirus firm Intego reported yesterday that it had discovered new Mac malware, which the company dubbed OSX/Crisis (Sophos identifies it as OSX/Morcut-A). Intego said that as of yesterday, the malware had not yet been found in the wild.
For more from the JoshMeister on Security, please subscribe via e-mail or RSS, or follow me on Twitter or Google+.
No comments:
Post a Comment
Comment moderation is enabled. (If you wish to contact Josh privately, you can leave a comment and ask that it not be published.)