Apple's famously "malware proof" iPhone has a bug.
Security hacker Charlie Miller has discovered a way to plant a malicious app into the app store, as Forbes's Andy Greenberg points out. Apple is known for virus-free products, thanks to its "puritanical attitude toward its App store," as Greenberg explains. Under Apple's watchful eye, "nothing even vaguely sinful gets in, and nothing from outside the App Store gets downloaded to an iOS gadget," he writes. But Miller has apparently exploited a wormhole in Apple's code: it seems he has planted a malware-containing app, which repurposes the rest of the phone's iOS functions for evil ends.
As phone bugs become more prominent, even the once formidable Apple is susceptible to hackers.
Normally, Apple's apps only allow Apple-approved commands to run on an iPhone's memory. The dastardly Miller has figured out how to get unapproved code to run on the device, which then makes the phone wig out a little. Downloading the rotten app pushes unapproved commands onto the phone. The corrupted phone then steals photos, contacts; it vibrates or rings at will and can repurpose other iOS functions for other abnormal activities. Apple has since removed the app and Miller from the developer store. But the hacking shows Apple's phones are more vulnerable than previously thought.
Phone hackings have been on the rise, as we noted yesterday, but there has always been the perception that Apple fends off viruses better than its competitors. With its extensive approval process, Apple makes it tough for hackers to get through its defenses. "Unlike iOS, Google doesn’t require that apps be approved to be installed on its phones and tablets. That approach has led to several outbreaks of malware on Android devices, and also means an attack like Miller’s is much less expected on an Apple device than on one that runs Google’s software," writes Greenberg.
Even yesterday, as The Atlantic Wire discussed the rising dangers of phone hacking, commenter Raymond Larett insisted that iProducts haven't experienced hackings like other smartphones. "This is the second article on the subject of the rising danger of smartphone hacking I've read in the last few days that fails to state clearly that the main risks are to Android phones," he explains. Unfortunately, that's just not the case anymore.