User Found Windows Malware Tucked Into iOS App

An iOS user reported via Apple’s discussion forum Tuesday, July 24th, that a certain application he downloaded from iOS App Store was flagged by his security suite as being a virus.

The user who identified himself as “deesto” on Apple’s forums allegedly downloaded “Instaquotes” from the app store but was flagged by ClamXav, an antivirus from Mac OS X.

Image: Computer World

“I just downloaded two apps from iTunes, and one of them has been flagged by ClamXav as being a virus,” wrote deesto.

He said that he let the app be deleted by his software as he didn’t know what to do. While Windows virus couldn’t do any harm to iOS and OS X, there was a great possibility it would infect many devices on both platforms. Experts said one way that the virus would infect other devices is when users use Windows computer to sync their Apple device to iTunes.

Windows dubbed the said malware as “worm” which spread like wildfire since 2008. Different security firms also labeled it with different names;

  • Security Essentials – Win32/VB.CB
  • Symantec – W32.Imaut.AS
  • McAfee – W32/Autorun.worm.h
  • Sophos – W32/VB-DGA

Deesto reported it around 2 p.m. ET and within two hours after the complaint, Instaquotes app has been pulled down from the App Store. The developer was identified as Ilyas Hassani from Morocco who just joined Facebook in June. The app was made available in App Store on July 19th.

Experts believe that the developer may have also been unaware that his app was harboring the worm and it could be that his computer used for development was also infected by the malware.

Computer World, an active community online, did run a check on the app in question. And using Security Essentials on Windows 7 PC, they were able to extract more information about the malware.

A series of actions from the user who discovered the malware on iOS app and Apple who pulled out the app from the store brought resolution to the minor yet possibly widespread problem.

Sources: ComputerWord | Apple Forums