10 March 2015
Hailed as the security innovation of the last decade by renowned cybersecurity expert Mikko Hypponen, the Apple App Store has long been held up as a shining example of how to prevent malware from penetrating your platform, with Apple’s walled-garden approach protecting iPhone, iPad and iPod touch users from cybercriminals.
But that could all change in 2015 according to a mobile security expert who believes that criminals have the ability to carry out a wide range of attacks on the platform and the groundwork for these attacks has already been laid.
Kevin Mahaffey, CEO of mobile security experts Lookout, believes that while the threat of being infected on Android is still much higher, the situation with iOS malware right now reflects the state of Android malware in 2010, when the first significant Trojan called FakePlayer was discovered in the wild with the first piece of malware – DroidDream – discovered a year later.
Mahaffey believes that 2015 will bring a new wave of iOS attacks that will fundamentally change the iOS threat landscape:
“Bad guys are rational economic actors. Because Android is so much more popular in the world they’re targeting the largest platforms first [but] criminals are soon going to double down on iOS with targeted attacks.”
According to security researchers at Lookout, they have observed iOS malware which can execute a lot of the same malicious actions that Android malware can, including monetary theft, corporate network access, device surveillance and data exfiltration.
The only action which they have yet to observe iOS malware performing is toll fraud.
Unlike Google, Apple uses humans to review each and every app which is submitted to the App Store, which Lookout says has done a good job of protecting users by keeping less sophisticated malware off iPhones and iPads – but the process its says “is not perfect”.
One of the myths perpetuated about iOS is that there has never been a case of a malicious app being published in the App Store, but Lookout disputes this pointing to a trojan called Find and Call which downloaded your phonebook and spammed contacts – though some security experts questioned the definition of this strictly as malware.
In the last year we have seen hackers look to infiltrate iPhones and iPad by first infecting Apple Mac computers which in turn infect the iOS devices once they are plugged in.
Discovered by Palo Alto Networks in November 2014, Wirelurker was heralded as “a new era in malware attacking Apple’s desktop and mobile platforms”.
However this attack was only affecting a limited number of Chinese users who had downloaded a piece of software from a third-party Mac app store – meaning that we are yet to see a mainstream attack affecting iOS.
Also revealed in November 2014 was Masque, which allowed legitimately downloaded iOS apps to be compromised by malicious software downloaded after the initial app install. Apple downplayed the problem, saying it hasn’t seen any users affected.
Lookout believe that while the number of people actually affected by malware remains significantly higher on Android than iOS, in terms of what the malware can actually do on the devices, “the groundwork has been laid for significant threats to emerge” on iOS. It adds: “The iOS App Store is not the impenetrable walled garden you think it is.”
Source – http://www.ibtimes.co.uk/significant-iphone-ipad-malware-threats-will-emerge-2015-1490577