This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. > Find out more here
All the latest UK technology news, reviews and analysis
|
|
Chinese cyber crooks are exploiting a loophole in Apple's iOS enterprise deployment procedures to release pirated apps onto iPhones.
Trend Micro reported detecting a new influx of pirated apps appearing on iOS over the past few weeks in a blog post.
"In the past couple of weeks, there has been some breathless reporting about how iOS users could now install pirated apps without having to jailbreak their phones. This was made possible by certain Chinese app store-like services," said Warren Tsai, product manager for Trend.
Tsai said apps are able to appear on non-jailbroken iOS devices, a development that significantly widens the threat to iPhone users, thanks to a loophole in Apple's iOS enterprise deployment policy.
"The same features which allow enterprises to deploy their own custom apps have now been abused to deliver pirated apps to users," he said.
Apple has traditionally managed to keep its mobile iOS operating system free of malicious apps and software by employing a closed development model, where all apps must be vetted before appearing in its official store.
Trend Micro said that while the pirate apps appearance is troubling, they do not currently pose a serious security risk.
"This ‘newly discovered' method represents one of the methods to get malicious/fake apps onto the iOS devices. However, because the iOS sandbox has not been compromised, what each app can and can't do is rather limited," added Tsai.
The iOS app may try to send out some personal privacy information to external server which creates privacy data leakage problem.
"For now it's not likely to be much of a security threat, as the number of users who would actually use these ‘pirated' app stores is rather limited. However, it does represent an interesting avenue for targeted attacks in enterprise settings."
The news follows a boom in the volume of mobile malware targeting the competing Android ecosystem.
Trend Micro had previously warned the number of malware strains targeting Android would break past the one million milestone by the end of the year.
V3 pits top devices against one another ahead of Samsung Galaxy S4 launch
The clock is ticking for Postini users that don't want to move their email management to Google Apps.
Build great digital experiences at the speed of the web
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
