A potentially malicious piece of software designed to expose a security flaw in the App Store has been removed by Apple.
Charlie Miller, a hacker and principal research consultant at Accuvant Labs, created Instastock, an app which was designed to look like a stock price tracker, but in reality was capable of exploiting a recent update which allows unapproved code to be added to uninstalled apps.
Apple has since removed the app from the store and ejected Miller from its iOS developer programme, to which he responded angrily on Twitter, “First they give researchers access to developer programs, (although I paid for mine), then they kick them out.”
Miller, who plans to present his research at the SyScan Conference in Taiwan on 17 November, has previous identified a number of security flaws in Apple products.
In 2009 he identified a bug in iPhone’s text messaging system that allowed attackers to take control of devices and earlier this year, he revealed that the batteries used in many Mac laptops are vulnerable to attack, meaning they could be used to run malicious code or even explode.
The App Store had previously been regarded as the safest of the popular mobile platforms with the most serious security threats affecting only those who jailbroke their phones.
In March, Blackberry phones were targeted by a variant of the Zeus banking trojan while Android has recently overtaken Java Micro Edition as the most attacked mobile platform. However security company Trusteer has warned that five percent of iPhones and Android phones will be infected with malware in 2012.
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…