An iOS app called “Instaquotes Quotes Cards for Instagram” has been found to have a piece of Windows malware. However, it’s worth noting that many iOS users will never have a problem resulting from this because it has no effect on the iOS device itself. Also, users with a Mac will not notice any problems resulting from this piece of malicious code.
Users who organize their apps on Windows can be affected by the worm embedded in the app. The exact name of the worm is Worm.VB-900. The first people to report it assumed it was a false positive, but upon further review, it is a very real piece of Windows malware hidden away in an iOS app.
Apps from iTunes come in packages called .ipa files. These packages can contain any number of files that make the app work. When you sync your device to iTunes, the entire package is copied to your PC. If one of those files is malware, it will reside on your PC, and can cause problems.
Thankfully, this particular worm is quite old, and most antivirus software should have little issue removing it. Still, if it could happen with this app, another worm could certainly slip through the cracks again and it could be something worse.
The app has since been removed from the App Store, so you will not be able to download it until it is fixed. Let this serve as a warning that just because an app is meant for your iPhone, it could still contain harmful files for your PC or other device.
Source: Cnet
Image Credit: Screenshot by Topher Kessler/CNET
More articles about:
Hide 10 Comments
oh, that’s just sneaky. PC users have no idea charging their iPhones can threaten their machines.
Great to see Microsoft Security Essentials being used! Ever since discovering MSE, I have stopped paying for expensive antivirus softwares.
Good choice! As long as it’s keeping everything secure no reason to spend extra!
Ohh that is screwed up.
i know there is no perfect security, but this is nothing like installing jailbroken apps which is sometimes not safe.. its too late to say that were safe
If you mean to say “pirated apps” such as those found on Installous, then you’d be more accurate because the apps uploaded to Installous’ sources are less regulated. Any modified IPA could find its way up.
Apps and tweaks on the Cydia Store and many of its repositories, however, are just as safe, if not safer than apps on Apple’s App Store to even a basic user. Some Cydia Store apps were even created specifically to fix iOS security flaws (such as the exploitable PDF bug in 4.0′s Safari after JailbreakMe 2.0 was released, which Apple didn’t fix until quite a while after Cydia had a tweak for it).
Deliver an A-platform virus into a B-platform app (and taking into consideration the purpose) – hm! It sounds quite smart to me.
It is crafty and quite malicious!
So how exactly does this get run on a Windows machine? An ipa file doesn’t sound like one that could get executed.
That is ridiculously sneaky. I wonder how many people encountered the attack..