Home / / Apple iOS vulnerability exposed

Apple iOS vulnerability exposed

Hackers can build malicious apps to exploit software flaw

Apple iOS vulnerability exposed
Security firm discovers vulnerability in Apple's iOS that may allow iPads and iPhones to be compromised by apps containing malware.

Apple's iPhones and iPads have a software flaw that allows malicious apps, built by hackers, to install programs, destroy information and steal personal data, according to a security expert at Accuvant Labs.

Researcher Charlie Miller, identified the problem and built a malicious program to test the flaw. The malicious app was accepted into Apple's App Store past the security vetting process, according to Reuters.

Miller told Reuters that there is no evidence that hackers have yet exploited this vulnerability in the Apple iOS, but said that the test proved that there could be malware in the App Store.

"Until now you could just download everything from the App Store and not worry about it being malicious. Now you have no idea what an app might do," Miller told Reuters.

Miller's program, a stock-market monitoring tool called InstaStock, was programmed to connect to his server once downloaded, and to then download whatever program he wanted.

Miller in 2009 identified a bug in the iPhone text-messaging system that allowed attackers to gain remote control over the devices. He said he had contacted Apple about this vulnerability.

Follow us to get the most comprehensive consumer tech news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.