Apple’s pretty proud of its App Store approval system. Too bad security hacker Andy Miller found a code-signing flaw that allows good apps to go bad. Here’s how an app downloaded from the App Store could become a malware threat.
Because of this, an Apple-approved app can phone home once launched and download malicious code that can run amok on the iOS device. A hacker could see a user’s contacts and photos, play sounds on the phone and activate vibrate mode. While remotely making an iPhone vibrate sounds innocuous, control of these aspects of an iOS device could potentially lead to control of other features. Check out the video above of the flaw in action.