So as we know the iPad and iPhones have been pretty clean from getting malware and things of that nature. However now a Mac hacker by the name of Charlie Miller found a way to get a bad app into your phone right under Apple’s nose. Apparently Miller is going to present a method that exploits a flow in Apples restriction on code signing on iOS devices at the SysCan conference in Taiwan next week. Miller actually planted a sleeper app in the app store to demonstrate this trick, an app can actually phone home to a remote pc that downloads new unapproved commands onto the device and executes them at will, including stealing photos, reading contacts, make the phone vibrate or play sounds or re-purposing normal iOS app functions for malicious gain. ?Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,? says Miller. ?With this bug, you can?t be assured of anything you download from the App Store behaving nicely.?
Here is the video that will demonstrate the security vulnerability:
