Sign in / up

back to article iBye, bad guy: Apple yanks 18 iOS store apps that sheltered advert-mashing malware

The iOS App Store is 18 applications lighter today after the software was caught harboring malware that secretly clicked on ads, signed up punters for premium services, or deliberately overloaded websites. Apple on Thursday pulled the apps, all written by India-based AppAspect, after confirming they were being used for click- …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    I wonder if it was hidden in a library they linked to their code?

    My understanding is that advertisers will give you library code to link to yours, and it would be easy for them to sneak something nasty when they upgrade the library. The trick I guess would be just having a normal library at first so you build trust and get a bunch of apps using it. Then you pull the trigger and issue them a new rev, and when they publish an updated version of their app that includes your rogue library you make money until sometimes notices and it gets punted.

    Meanwhile the same bad guys own another small advertiser with a similar library that's ripe for going rogue next month...

    10 0 Reply
    1. GnuTzu
      Reply Icon

      Re: I wonder if it was hidden in a library they linked to their code?

      At an organizational level, that's a major fear. Imagine being an organization recognized as having valuable IP. If you were to allow access through some national firewall to a code repository in some country... ahem... suspected of stealing IP. They could easily recognize your publicly known IP addresses accessing a particular repository and plant targeted code for your development team to... well, do recon initially. From there, let your paranoid fantasies run wild.

      Though, it does come to mind that an organization could use anonymizing services, VPN, TOR, or such, to access such repositories, but to do that for any other reason than just research seems a bit creepy.

      0 0 Reply
    2. gnasher729 Silver badge
      Reply Icon

      Re: I wonder if it was hidden in a library they linked to their code?

      That’s what happens when you include yet another third party library to save ten lines of code. In reality, YOU as the developer are responsible for any bit of code in your application. If you can’t review the code that you are using, that’s your responsibility.

      3 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Only 18 apps?

    They could not have been looking very hard

    {ducks and runs for cover}

    3 1 Reply
    1. GnuTzu
      Reply Icon

      Re: Only 18 apps?

      I should wonder how deeply they look. Even with modern tools, scanning for zero days is inherently more expensive than scanning for known exploits. Caveat emptor.

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like