What Does First Major Attack On App Store Mean For Mobile Security?

The mobile app development world was rocked by the news that malware had been able to infiltrate a number of leading apps on the iOS App Store over the weekend.

The affected apps, which were built using a cracked form of Xcode, the program used to create apps and services for iOS devices, have now been scrubbed from the App Store, but the incident marks the first time that Apple’s defences have truly been breached.

But what does this mean for the security of Apple devices and the mobile security space in general? TechWeekEurope asked the experts to find out their views.

David Emm, principal security researcher at Kaspersky Lab

“While the majority of mobile malware targets victims running Android, this incident highlights the fact that iOS isn’t immune to malware. Apple’s ‘walled garden’ approach does make it harder for cybercriminals to compromise apps, but if something does slip through the net, as in this case, there’s no protection available because Apple doesn’t provide third-party developers with the means to develop anti-malware protection for iOS.”

John Smith, principal solutions architect at Veracode

“In recent years it has seemed that the problem of Mobile Malware was bigger for Android than for iOS. The more rigorous testing regime required before an iOS app can be published has always been considered to be the reason for this difference, but in this case it seems to have fallen short. One very interesting aspect of this incident is that the developers of the apps had no knowledge that their own code was being used to carry malware – it was the modified development environment (Xcode) that introduced the payload.”

“This case highlights the importance of testing what you actually provide to your customers, rather than what you think you are providing. Analysing the compiled code for vulnerabilities and malware using technologies such as Binary Static Analysis and App Reputation Testing could have prevented these dangerous apps from ever being published.”

Gavin Reid, VP of threat intelligence at Lancope

“You’re only as strong as your weakest link. Here we have the walled garden of iTunes being toppled by a 3rd party use of a developer software package being distributed out of China. The miscreants attacked a set of software tools for developing iOS applications called Xcode.

“Application developers used the tainted developer package and created applications that compromised the user data on the device. These compromised applications were then submitted to Apple by the typical developers for the app.

“One example is WeChat from Tencent; it is one of the most installed software apps in the Asia Pacific region, with 100s of millions of installs. In this case there is little the user can do to protect themselves. The fix for this is better care from the application developers (to security), and better verification from Apple.”

Thomas Reed, director of Mac offerings, Malwarebytes

“There are a few very interesting aspects to this new malware. First, of course, is the fact that these infected apps made it into the App Store. This is easily the largest App Store breach in history. There is little doubt that there will be some revision of the app review process at Apple as a result, but it’s also certain that this incident will erode consumer confidence in the App Store as a (mostly) unassailable malware-free fortress.”

“Worse, there was really no way to tell that these apps were infected. Perfectly respectable, legitimate apps turned out to be infected. It’s hard for any user to be on guard against this kind of malware. Especially on iOS, where security features in the system make anti-malware software impossible.”

“Even if you don’t have a known infected app, it’s important to update all of your iOS apps. (It’s not always easy to tell which apps may have been made by a Chinese developer.) If a developer becomes aware of their app being infected, they should issue an update to fix the problem. Hopefully, Apple will take some kind of action to find and remove any further infected apps.”


Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.
