Traces of malware activity detected in App Store game

Rusli
Rusli Posts: 1,012 Influencer

http://reviews.cnet.com/8301-13727_7-57582761-263/traces-of-malware-activity-detected-in-app-store-game/

 

Traces of malware activity detected in App Store game

A suspicious iframe link has been detected in an App Store program. Here's why you shouldn't worry.

Topher Kessler
 May 3, 2013 10:35 AM PDT
 

MacWorld is reporting that a program on the iOS App Store may be detected as containing malware, but in analysis the program is not considered to be malicious.

After its readers wrote in about the potential of malware in a game calledSimply Find It that is available on the iTunes App Store, MacWorld confirmed traces of nonfunctional Trojan horse malware embedded in an MP3 file used by the program, which shows an HTML iframe reference to a potentially malicious (but currently unresponsive) Web page.

This is not the first time that malwarelike activity has been found in programs in the iTunes store. In July 2012, Windows-based malware was found embedded in the iOS store, likely from the developers' systems being exposed to the malware during testing.

This latest finding shows Trojan-like behavior in the program; however, it's really not currently a threat to Mac or iOS users. The malware activity is so far identified by a single HTML string in a file that points to a potentially malicious Web page. The program does not appear to make any use of this string, suggesting the program or this file was simply affected by malware at some time during development, as opposed to containing an active threat.

 

Is this Apple's fault? In its testing, MacWorld found the program is not flagged by several other anti-malware tools. Apple tests the App Store programs thoroughly to see how they behave when run by consumers, but given that this iframe link is a benign and nonfunctional appendage to the program, it could have been overlooked like any other piece of nonfunctional metadata.

Ultimately, this threat can be more accurately described as a suspicious but nonfunctional embedded link from traces of prior malware activity that might cause some malware-scanning tools to flag the program, but as security expert Rich Mogul mentioned to MacWorld, "A malware link that never runs isn't a threat," so overall iOS users should have nothing to worry about.

This discussion has been closed.