Researchers slip a malware infected app past Apple right into the App Store. This article, not intended to scare anyone, gives you a solid reason to back up your iPhone/iPad/iPod before installing apps from the app store. I have personally had two recent experiences that backs up this idea. Both on my iPhone and my wife’s Droid 4, we installed different apps that with a short time caused our phones to act strangely then completely crash. Fortunately, the contacts, text messages, calendars and so forth in our phones were backed up so the only thing needed to be done was to completely factory reset both phones then restore our data and we were up and running again.
According to a post on gigaom.com today, an app developer from Georgia Tech did a test to find out how safe apps on the Apple Store really are. The tests involved developing a malware-infected app, submitting it to Apple and determining if the app would be approved and appear on the App Store. The team submitted the app as one that covered Georgia Tech News. However, once the app is on installed on an iPhone it connects with a secret server to get commands. The extreme danger of this mechanism is that server can then instruct the infected iPhone to do all kinds of things. Those actions include sending emails and texts, take and send photos, send tweets, copy and send out personal information and device information, attack other apps installed and even take over Safari to install other apps.
The research team was able to determine that Apple launched and ran the app for only a few seconds before they completed approved it to be available on their App Store. Meanwhile, the app had hidden code that needed more time to generate the harmful code while the app appeared to be doing what it was supposed to be doing. The research team downloaded their app to their personal Apple devices directly from the App store. Immediately after they did this, they requested the app to be deleted from the store. Since this happened, Apple has made security changes in their iOS based on this test but we still do not know details on what happens during their app review process.
That being said it is strongly recommended to do two things. Be careful what apps you install from the App Store to begin with but more importantly, make sure you have a current backup of all important data stored in your phone. It would be a great idea to back up the phone before you go to the app store. Go ahead and install an app you like but carefully watch to see if your phone does anything you’re not expecting after the app is installed. When you see signs of strange activity your best move would be to immediately restore the phone, which not only wipes the phone clean of the app and any harmful code but it will restore your data as well.