Security researcher Charlie Miller found a flaw in code signing on iOS devices which allows developers to sneak malware apps onto the App Store without Apple’s detection. This malware can be used to read your contacts, send the device files, steal photo’s, even make it ring or vibrate! So what does Apple do to thank this developer for bringing this major security vulnerability, remove his developer account!
A security researcher, looking into possible security holes in your coding….that’s unheard of. I hope this comes as a splash of cold water on every Apple iOS user’s face to wake them up that not even they are safe from malicious code. One thing to note about this discovery is that it can be in any app in the App Store.
Miller first displayed this by developing his own app with the malware in it, the app was approved by Apple, and then using the app, created this video to show everyone:
Obviously Miller’s app has been removed from the App Store. Oops Apple.