Leave a comment

2,846 Apple apps hide a scary backdoor

2,846 Apple apps hide a scary backdoor
Photo courtesy of Shutterstock

This week hasn't been a great one for Android when it comes to security news, so it's only fair we balance it out with something from Apple. In a new study, researchers have found a serious problem in 2,846 apps actually in the iTunes store.

The affected apps contain hidden backdoor code that could let a hacker remotely record audio and capture what's on your gadget's screen. They could also see your location, modify files, pull your passwords, launch other apps and trick you into installing unsafe apps, if you aren't paying attention.

To make it worse, the affected apps haven't been named, so we don't know which ones to uninstall. That's the bad news, but there is some good news.

Apple has known about the problem since October 21, and it does have a full list, so it's presumably working with developers to correct the problem. And the problem should be easy to fix.

To save time when developing programs, developers often use third-party libraries for certain tasks. In this case, each of the affected apps uses the same ad library, called mobiSage, which provides code for serving ads.

Inside 17 versions of the ad library is the backdoor code that makes it phone home to a few ad servers every once in a while and execute whatever JavaScript code it finds there. At the moment, these servers don't have any JavaScript code posted, so the apps aren't doing anything they shouldn't.

The better news is that the latest version of mobiSage doesn't contain this unwanted code, so app developers should be able to update their apps very quickly. If your Apple gadget lets you know of any pending app updates, install them right away to be safe.

Of course, malicious apps are just one threat to your Apple gadget. You're just as like to have it stolen, or have an untrustworthy friend or jealous significant other try to snoop through it. Learn how to lock down your gadget so your data stays safe no matter what.

Next Story
Source: The Register
View Comments ()
A new spy drone can stay in the air forever
Previous Happening Now

A new spy drone can stay in the air forever

Iran hacks White House officials
Next Happening Now

Iran hacks White House officials