Image Credit: CNET
Apple runs a pretty tight ship. Not much gets by their app reviewers. That said, they are human, and human’s aren’t 100% accurate or perfect. So hearing new reports that a new piece of Windows-specific malware has piggy backed undetected into the App Store isn’t all that surprising.
According to CNET’s Topher Kessler, the two pieces of malware in question were found in the app “Instaquotes Quotes Cards for Instagram” and according to the the virus software of the person who originally discovered the malware, is called “Worm.VB-900″. That said, once the .ipa package was opened, CNET was able to find two actual executables buried inside:
- instaquotes.ipa/Payload/Instaquotes.app/FBDialog.bundle/FBDialog.bundle.exe
- instaquotes.ipa/Payload/Instaquotes.app/FBDialog.bundle/images/images.exe
The .exe’s above are simple apps written in visual basic that install nefarious things into the /Windows directory and then proceed to modify the Windows registry on restart.
Mac users have nothing to worry about; the malware in question is wrapped in an .ipa package and contains .exe executables which are completely useless on an OS X machine. That said, iPhone/App Store users who operate on a Windows based machine are in fact in danger. Thankfully, most up to date anti-virus software should spot and easily remove the malware in question once it has been opened outside of its .ipa container.
The threat here is low but once again proves that not even Apple is completely bulletproof. As always, regardless of what operating system you use, be careful what you click on and download.
Via: Cnet
