Security researcher Charlie Miller from Accuvant has found a flaw in Apple’s App Store, demonstrating how it’s possible to create a malicious application that is accepted into the store. Although all apps need to pass Apple’s review process, Mr Miller created a ‘proof of concept’ app that appeared benign but was able to steal data after receiving an online update.
The app was placed in the Apple App Store in September but was only discovered this week. Mr Miller had contacted Apple about the vulnerability three weeks ago. He’s subsequently been banned from Apple’s iOS developer program for a year.
[Forbes.com; BBC News; Charlie Miller on Twitter]