Apple approves fake iPhone app for App Store
Security experts can't tell whether bogus Camera+ was malicious
Computerworld - Apple let a fake app slip through its approval process for the iOS App Store, the makers of the popular Camera+ program said over the weekend.
Security researchers who noted the slip-up did not know whether the bogus app contained malware because they had been unable to grab a copy before Apple yanked it from the App Store.
On Saturday, the iPhoneography blog announced that a new App Store entry was fake.
The App Store listing touted Camera+ version 4.0, and listed the price at $0.99.
Although the real Camera+ -- created by Tap Tap Tap -- is sold for the same price, it's only at version 2.4.
iPhoneography's Glyn Evans contacted Tap Tap Tap, who confirmed that Camera+ 4.0 was phony.
"Oh, Apple and your all too often disappointing approval process," said Tap Tap Tap on Twitter Saturday.
Tap Tap Tap has butted heads with Apple before: In 2010, Apple yanked Camera+ from the App Store in a dispute over a violation of Apple's developer agreements.
Apple later restored Camera+ to its app distribution channel.
U.K. security company Sophos noted the fake Camera+, but said it couldn't tell whether the app had a malicious purpose.
"We haven't been able to get our hands on a copy of the bogus app, so we cannot confirm if it contained any malicious functionality," said Graham Cluley, a Sophos senior security consultant, in a blog Monday. In a follow-up email, a Sophos spokeswoman said the company believed it was probably created to siphon money from Tap Tap Tap's sales.
The fake Camera+ used graphics identical to the real deal to promote the program on the App Store.
According to that entry -- which was still available Monday via Google's search cache -- the bogus Camera+ was released on Saturday, Jan. 21 by a Hiep Nguyen of a company called Pursuit Special.
Later that day, Apple pulled the illicit Camera+ from the App Store, Tap Tap Tap confirmed on Twitter.
Apple's gaffe was notable since most security experts consider the iPhone platform more secure from hacker misuse because Apple vets each app before allowing it into the App Store, unlike Google.
Google's Android Market has been plagued with bogus apps, many of which contain some kind of malicious functionality. Last month, for example, Google scrubbed 22 malware-infected apps from its official e-store.
Cluley wondered how Apple could have screwed up.
"But questions still remain as to what went wrong with Apple's approval process," Cluley said. "After all, Camera+ is currently the 14th best-selling app in the App Store -- Apple should surely recognize if someone other than Tap Tap Tap tries to submit it to the store."
As of mid-day Monday, Camera+ was actually No. 7 on Apple's bestseller list of paid iPhone apps.
Apple did not immediately reply to questions Monday.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Apple kicks off public OS X beta testing
- Apple patches Secure Transport, but not because of Heartbleed
- Apple customers downsize iPhone, iPad storage in March quarter
- Free OS X Mavericks now powers half of all Macs
- Apple has bigger plans than just song ID with Shazam deal
- Mac Pro shortage sets record as worst Mac production debacle
- Apple slates WWDC for June 2-6, sets up ticket lottery
- Apple patches Safari's Pwn2Own vulnerability, two-dozen other critical bugs
- Microsoft's free OneNote vaults to top of Mac App Store chart
- Apple discounts iPhone 5C 8%-9% in five markets via storage cuts
Read more about Mobile Apps in Computerworld's Mobile Apps Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Gartner Magic Quadrant for Mobile Application Development Platforms As unprecedented numbers of enterprises build mobile applications, the mobile application development platform market continues to grow and evolve rapidly.
- The Total Economic Impact of IBM's Worklight Platform Mobile is the fastest growing consumer technology in history. As enterprises build apps to engage these new users they are facing increased complexity...
- Improve Your Mobile Application Security with IBM Worklight IBM® Worklight helps organizations extend their business across multiple mobile devices. It provides an open, comprehensive and advanced mobile application platform to help...
- Unlock the Value of Enterprise Mobility Download this guide and learn how to manage the secure deployment of enterprise mobile apps and data, while still encouraging the levels of...
- It's Chaos Out There Worried about your mobile apps? You should be; it's chaos out there. Check out this humorous video and see if you can recognize...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Mobile Apps White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!