When it comes to approving apps for the iTunes App Store, Apple for the most part has been pretty strict about it and to date there aren’t that many cases of malware on iOS. This is not to say that Apple’s system is perfect because according to a recent experiment conducted by a team from Georgia Tech, it seems that they have managed to slip a malware app past Apple and actually get it approved for download!
According to Technology Review, it seems that Apple’s review process of an app might not be as expansive as we might have thought. It was found that the review process might only take a few seconds (it might depend on the type of app) before given the green light which definitely is not enough time for Apple to detect that the app could be malicious in nature. The app submitted by the researchers contained code fragments which then assembled themselves into malware which could then be used to send emails, text messages, steal personal information, and etc.
According to one of the researchers, Long Lu, “The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen.” Pretty scary when you think about it! Hopefully Apple will be reviewing their review process after this “scare”.