A security breach affecting the iPhone, iPod touch and iPad would allow hackers to offer applications that steal information, send SMS or destroy data, warns a specialist expert on Apple products.
Charlie Miller, a researcher at Accuvant Labs security firm, a prototype of a malicious application, said on the App Store has confirmed this vulnerability. “The application has successfully passed Apple’s validation service”, he explains. Currently, there is no evidence or user feedback to suggest that any attacks have taken place, said the security expert, who said that such an attack is possible. "Until now you could download anything from the App Store without fear of malware. Now you no longer know what an application is capable of ”, says Charlie Miller.
An application to track the stock market uses as a Trojan horse.
The application examined in depth by the security expert is called Proof of Concept. "As soon as the application is launched, it can execute commands or retrieve information without the user's knowledge"says Miller.
Apple was warned by Miller who now sees his developer account blocked…
Despite the Cupertino firm not yet wishing to express its views on this subject, the security expert said that he had alerted Apple about this vulnerability. The latter only removed the offending application on the spot and… blocked Charlie Miller’s developer account to his surprise.
There is no doubt that Apple has taken the warning seriously and is currently working to provide a solution to close this loophole.
We discuss it on the forum.
Security breach demonstration video: