In the past couple of weeks, there has been some breathless reporting about how iOS users could now install pirated apps without having to jailbreak their phones. This was made possible by certain Chinese app store-like services.
Some of the reporting has wondered how this was possible, but anyone with knowledge of iOS enterprise deployments knew what was going on. The same features that allow enterprises to deploy their own custom apps have now been abused to deliver pirated apps to users.
This “newly discovered” method is one way to get malicious or fake apps onto iOS devices. However, because the iOS sandbox has not been compromised, what each app can and can’t do is rather limited. Such an app may still try to send personal information to an external server, which creates a privacy data leakage problem.
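As an added illustration (not part of the original post), the sketch below shows how a defender could check whether an IPA file was built for enterprise distribution by reading the provisioning profile embedded in it. It relies on the profile keys ProvisionsAllDevices, ProvisionedDevices and TeamName; the function names and sample data are constructed for this example, and the profile's CMS signature is not verified.

```python
import io
import plistlib
import zipfile

PROFILE_SUFFIX = ".app/embedded.mobileprovision"

def extract_profile(ipa_bytes):
    """Return the provisioning profile as a dict, or None if the IPA has none."""
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        names = [n for n in ipa.namelist()
                 if n.startswith("Payload/") and n.endswith(PROFILE_SUFFIX)]
        if not names:
            return None
        blob = ipa.read(names[0])
    # The profile is a CMS-signed container; the XML plist sits inside it in the clear.
    start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
    if start < 0 or end < start:
        raise ValueError("no plist found in embedded.mobileprovision")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify(profile):
    """Map a profile dict to a distribution type."""
    if profile is None:
        return "no-profile"       # typical of apps delivered through the App Store
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"       # installable on any device, no UDID list
    if profile.get("ProvisionedDevices"):
        return "device-limited"   # development or ad hoc: fixed list of device UDIDs
    return "unknown"

def inspect_ipa(ipa_bytes):
    """Return (distribution type, signing team name or None)."""
    profile = extract_profile(ipa_bytes)
    return classify(profile), (profile or {}).get("TeamName")

def build_sample_ipa(profile):
    """Constructed test input: a minimal IPA with a fake, unsigned profile."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Sample.app/Info.plist",
                   plistlib.dumps({"CFBundleIdentifier": "com.example.sample"}))
        if profile is not None:
            # Fake binary wrapper standing in for the CMS envelope.
            body = b"\x30\x82FAKE-CMS" + plistlib.dumps(profile) + b"FAKE-SIG"
            z.writestr("Payload/Sample.app/embedded.mobileprovision", body)
    return buf.getvalue()

if __name__ == "__main__":
    sample = build_sample_ipa({"ProvisionsAllDevices": True, "TeamName": "Example Corp"})
    print(inspect_ipa(sample))
```

An "enterprise" result for an app that did not come from your own organization's distribution channel is the case this post describes.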
For now it’s not likely to be much of a security threat, as the number of users who would actually use these “pirated” app stores is rather limited. However, it does represent an interesting avenue for targeted attacks in enterprise settings. It wouldn’t take much effort to refine this into something that could more seamlessly get users to install apps on their own iOS devices, via a link they receive on their desktop or laptop and a phone connected over USB. (Expect Apple to fix this down the road.)
What should users learn from this? It’s a lesson that Android users have known for a while now – yes, you can install bad apps onto your device. Attackers have to work harder to do so, but it’s still possible. As users, we need to be careful not to install any app from an unknown source. Mobile private information leaks always start with installing a malicious app on the device, and even iOS users aren’t spared the risk of bad apps.
For more information on the mobile threat landscape, read our TrendLabs 2012 Mobile Threat and Security Roundup.