Skip to main content

Apple iPhone, iPad bug could allow malware installs

Apple iPhone and iPad suffer from a serious security flaw that could allow software from the iTunes App Store to install malicious code and applications without a user knowing, according to a report by news agency Reuters.

The weakness was discovered by a researcher at Accuvant Labs, Charlie Millier. He put together a malicious test application of his own which the app store failed to miss in its security checks.

Millier says he is worried what the potential for this security hole could mean:

"Until now, you could just download everything from the App Store and not worry about it being malicious. Now you have no idea what an app might do."

Here's a video of his application in action and an explanation from the man himself:

What Millier's test app does - on the face of it - is track stocks. But behind the scenes, once it's installed the malicious software connects to his server and promptly downloads whatever software he chooses. This could be anything from Trojans to viruses, spyware and more.

The revelation comes after a bad run for Apple, with users complaining of battery life problems on the new iPhone 4S under iOS 5, as well as the still-unfixed DST bug that left US iPhone users out of sync when Daylight Savings Time ended last weekend.

With the increase in popularity of Apple devices over recent years, a rise in complaints is almost inevitable - but problems of this nature will do little for Apple's reputation and the "it just works" motto that was banded around so much in the past. monitors all leading technology stories and rounds them up to help you save time hunting them down.