Windows malware hides in iOS app
Infected app pulled by Apple from App Store
Computerworld - Windows malware slipped past Apple's eye and has been found tucked into software available on the company's iOS App Store.
Although the malware, labeled a worm by Microsoft and tagged as "Win32/VB.CB" by the company, is ineffective against Apple's iOS and OS X operating systems, it may pose a threat to iTunes customers who download iPhone and iPad apps to their Windows PCs before syncing to their mobile devices.
CNET first reported on the worm earlier Tuesday.
A user reported Win32/VB.CB to Apple's support forum around 10:30 a.m. ET Tuesday. The user, identified only as "deesto," said that his or her OS X antivirus warned that "Instaquotes-Quotes Cards for Instagram" was infected.
"I just downloaded two apps from iTunes, and one of them has been flagged by ClamXav as being a virus," wrote deesto.
While others commenting on the same support thread initially suspected the warning may have been a false positive by the antivirus software, CNET and Computerworld separately confirmed that the app was, in fact, harboring the worm.
Computerworld extracted the app's .ipa archive -- the packaging format Apple uses to deliver its apps -- on a Windows 7 PC, then scanned the system using Microsoft's free Security Essentials antivirus program.
Security Essentials flagged the file and warned that it contained Win32/VB.CB.
According to Microsoft's website, the worm harks back to 2008 and is known by several other names, including W32.Imaut.AS (Symantec), W32/Autorun.worm.h (McAfee) and W32/VB-DGA (Sophos).
Microsoft said that the worm "attempts to spread via Yahoo! Messenger ... [and] may also connect to a remote server to download arbitrary files."
Another commenter on the support thread downplayed the threat, even to Windows users, and posed a possible explanation for the infected app.
"It is nothing to worry about," said the commenter, tagged as "etresoft," several hours after deesto opened the discussion. "Considering where this virus is located, it wouldn't even hurt a Windows machine. It looks like an accident from the developer's infected Windows machine."
As of 3 p.m. ET, Instaquotes-Quotes Cards for Instagram was still available on Apple's iOS App Store. According to iTunes, the app launched July 19. On Tuesday, the developer's Facebook page included a comment from a user warning that the app was infected.
By 4:00 p.m. ET, however, the app had been pulled from the App Store.
The developer, identified as Ilyas Hassani of Morocco, could not be reached for comment, and the website he referenced on his Facebook page appeared to be offline.
Hassani joined Facebook on June 1.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
Read more about Application Security in Computerworld's Application Security Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Riverbed Stingray Application Firewall: Securing Cloud Applications with a Distributed Web Application Firewall Responsibility over IT security is moving away from the network and IT infrastructure and to the application and software architecture itself. IT organizations...
- Web Application Firewalls--Laying the Myths to Rest This paper addresses some of the myths about WAFs and outlines how businesses are optimizing their investment in protecting their ever-evolving web apps.
- PCI DSS Compliance in Cloud Environments This technology analysis addresses the challenges of the evolving cloud security landscape and how organizations can achieve PCI DSS compliance in cloud environments...
- Web Attack Survival Guide This guide will help you protect your organization from external threats targeting your high-value applications and data assets.
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Application Security White Papers |