Researchers from Georgia Tech have discovered an alarming iOS security hole, and even managed to sneak malware past Apple’s App Store review process. Called Jekyll, in a nod to Robert Louis Stevenson’s novella, the malware was disguised as a Georgia Tech news app. Once installed, it could post tweets, send messages, take photos, retrieve personal information, and even direct Safari to install more malware. The researchers could also control the app remotely, adding more commands and capabilities. It even phoned home, revealing that Apple spent only a few seconds reviewing the app before approval. After testing the app briefly on their own devices, the researchers pulled it from the App Store.
Subscribe today so you don’t miss any TidBITS articles!
Registration confirmation will be emailed to you.