Thousands of iOS apps in App Store contain backdoor in advertising platform




Thousands of iOS apps have built a version of an advertising platform, which allows malicious data from iOS users can steal. Until now no app seems to have made use of the backdoor.

It goes as far as known to 2846 apps, which have the backdoor on board using an older version of advertising platform mobi saga AdSage. Apps that use the latest version of mobi saga, 7.0.5, the backdoor not. Of the 2846 apps have around 900 contacted a AdSage server, so they had the opportunity to load malicious code.

The backdoor can malicious record audio, take screenshots and, if the user had allowed, malicious sideload apps on iOS devices. This can be due to the sandboxing of iOS only when the app is running. However, there is no indication that the backdoor is really used. Security company FireEye discovered the backdoor and briefed Apple two weeks ago.

The backdoor lies in the fact that the old version of the saga mobi allowed apps from the AdSage server could download and execute arbitrary JavaScript code. That is also the reason that Apple has approved apps in the App Store. Although the backdoor was present, the apps contain at time of publication no malicious code. Because there are apps that use the old sage mobi version, it is still possible attackers to use the backdoor, so treasure the security company.

Tuesday it became clear that developers have sold information about an exploit, which makes it possible to penetrate an iOS device via the browser. Because it involves a series of zero days, it is possible to escape the sandbox and to take over the whole device.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »