According to a somewhat alarming new report from MacWorld, an iOS app available in Apple’s App Store was found to contain an embedded Trojan horse.
The app, we’re told, isn’t dangerous and should pose no threat.
The bad news, however, is that this potential malware threat found its way past Apple’s review process in the first place.
“The app Simply Find It, a $2 game from Simply Game, seems harmless enough. But if you run Bitdefender Virus Scanner—a free app in the Mac App Store—it will warn you about the presence of a Trojan horse within the app,” says Lex Friedman of MacWorld. “A reader tipped Macworld off to the presence of the malware, and we confirmed it.”
Although Android is a well-known magnet for malware, iOS territory is still thought to be mostly immune to malware.
Security expert Rich Mogull tells Friedman that the app causing the commotion is “certainly harmless.”
“If Apple tested the app by running it in a sandbox and watching the app’s activities, that would be more effective than scanning MP3s for malware strings,” Mogull explains, noting that it remains unclear how Apple actually tests apps during the approval process.
“Thus,” Mogull concludes, “we don’t know for sure if [any Apple malware-scanning] process worked or not. A malware link that never runs isn’t a threat, and there are very legitimate ways of testing that won’t find something like this if it isn’t a valid exploit.”