PCWorld Forums: Watch Out: Trojan Horse Found In The Ios App Store - PCWorld Forums

Post your comments for Watch Out: Trojan Horse Found in the iOS App Store here

MUAHAHAHAHAHAHAHAAH!!!!!!!!!!!!!!!!!!!!!!!!!!!

So does this mean that the secuity apps like Avast! and Lookout would have alerted you to this malware??
Anyone know?

how DARE you use a picture of a BLACKBERRY device in this article that is about a Trojan in the much ballyhooed APPLE and GOOGLE app stores... the way the media unjustly maligns RIM is bad enough, but to use a BlackBerry device image in an article about security risks incumbent with Apple's and Google's app stores is just craptastic.

daverdz7jb, on 05 July 2012 - 11:08 AM, said:

On Android they should have alerted you to this, on iOS none of the security apps would have been able to catch this due to the sandboxed nature of the OS.

Gibson295, on 05 July 2012 - 09:16 AM, said:

No system is invulnerable. Even the Blackberry, with an extremely secure, business-focused OS, has seen more sophisticated malware attacks including the Zeus trojan. Any programmer can make software that gives them access to your data when you install it - even if the OS is bulletproof with zero vulnerabilities. To get infected with Leak and Spam, you had to:

- Deliberately go to the app's download page

- Pay no attention to the 1 star ratings and horrible reviews

- Click "Install"

- Enter your Apple ID password

- Give your phone number and e-mail address to this unknown company

- Say "yes" to the prompt to "find friends in a phonebook"

In short, you have to be a complete idiot to get infected. There's no auto-installing or propagating without human interaction. I guess it's not such an uBeR 1337 V1ruZ after all. After 5 years and 365 million devices sold, there's only been 1 piece of malware for iOS. That's not just luck; that's strong security. Coupled with the App Store submission process (messing up ONCE doesn't mean it's ineffective), mandatory code signing, sandboxing, verified boot, separate partitions for the OS and data, as well as exploit mitigation technologies such as ASLR, stack canaries, and DEP have proved extremely effective against viruses and malware. Plus, with iOS 6, these types of attacks will be prevented, as you will be warned when apps request permission to do things like, say, send your address book to a remote server.

I wouldn't hold my breath for another "iOS trojan" to show up any time soon.

This post has been edited by Extremist: 05 July 2012 - 12:52 PM

lorax1284, on 05 July 2012 - 12:31 PM, said:

There have been quite a few malware attacks on the Blackberry. Ever heard of the Zeus Trojan? Blackberry OS definitely has the most secure core out of all mobile platforms, but it is still vulnerable, just like every OS is.

Impossible. Macs can't get viruses. I read it on the Mac forums.

rwoodward, on 05 July 2012 - 01:23 PM, said:

Yah cuz iPhone is a Mac DURRR

"it's the first time we've ever seen a malicious app make it into Apple's App Store."

Untrue, didn't someone recently put an app with malicious code onto the app store, just to prove it could be done?

Also, I find it interesting that the app was removed from the play store before the iStore.

ArmandoRodriguez, on 05 July 2012 - 12:35 PM, said:

Yet another example of how iOS can be less secure than Android.