Apple, known for its stringent approach to user privacy and security, has recently found itself at the center of an alarming discovery concerning the App Store. Researchers from Kaspersky have uncovered a new type of malware in certain apps available for download. This is reportedly a significant breach, as it marks what they describe as the “first known case” of this kind of malware slipping through Apple’s rigorous checks.
This malicious software can capture data from user screenshots, posing a direct threat to user privacy. The malware is not exclusive to iOS; it also infiltrates Android devices. Dmitry Kalinin and Sergey Puzan, the researchers from Kaspersky, revealed in their report how the malware abuses Optical Character Recognition (OCR) technology to harvest sensitive data. On iPhones, it scours the Photo Library for key phrases, particularly those related to crypto wallets. This discovery is the first of its kind in Apple’s app environment.
On Android, the malware deploys an OCR plug-in built on Google’s ML Kit library. It runs OCR over gallery images, compares the recognized text against keywords sent from a command server, and transmits the matching images back to that server. The iPhone variant operates similarly, using the same library for its OCR processing.
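For defenders reviewing Android apps, the combination described above (gallery read access, an OCR library, and network access) can be checked statically. The following is an added example, not code from the Kaspersky report or from any affected app; it assumes the manifest has already been decoded to text XML and the class names extracted from the app's dex files, and the sample manifest and class list are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
GALLERY_PERMS = {
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.READ_MEDIA_IMAGES",
}
NETWORK_PERM = "android.permission.INTERNET"
OCR_PREFIX = "com.google.mlkit.vision.text."  # ML Kit text recognition package
PERM_TAGS = ("uses-permission", "uses-permission-sdk-23")

# Constructed sample input (hypothetical app, not a real one).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fooddelivery">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_MEDIA_IMAGES"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
</manifest>"""
SAMPLE_CLASSES = [
    "com.example.fooddelivery.MainActivity",
    "com.google.mlkit.vision.text.TextRecognition",
    "okhttp3.OkHttpClient",
]

def declared_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    return {
        el.get(ANDROID_NS + "name")
        for el in root.iter()
        if el.tag in PERM_TAGS and el.get(ANDROID_NS + "name")
    }

def triage(manifest_xml, class_names):
    """Flag an app for manual review when all three traits co-occur."""
    perms = declared_permissions(manifest_xml)
    findings = {
        "gallery_access": sorted(perms & GALLERY_PERMS),
        "network_access": NETWORK_PERM in perms,
        "ocr_classes": sorted(c for c in class_names if c.startswith(OCR_PREFIX)),
    }
    findings["review"] = bool(
        findings["gallery_access"]
        and findings["network_access"]
        and findings["ocr_classes"]
    )
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE_MANIFEST, SAMPLE_CLASSES))
```

Many legitimate apps also combine these traits, so a hit is a prompt for closer review of what the app does with recognized text, not a verdict.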
What’s particularly disconcerting is that a variety of apps are implicated, targeting users across Europe and Asia. Some applications may unknowingly run this harmful code, slipping through Apple’s strict review process. The researchers noted apps ranging from legitimate-seeming services, like food delivery, to AI-driven messaging platforms possibly designed to ensnare unsuspecting users.
Currently, several of these compromised apps, including ComeCome, a food delivery app, as well as the AnyGPT and WeTink chatbots, are still available on the App Store and can still be downloaded, which remains a troubling issue.
It remains to be seen whether Apple will revisit its App Store guidelines to prevent future security lapses of this nature, and how it plans to address the current situation. We’ll be keeping an eye on updates from Apple to see how it responds to this growing privacy threat. Stay tuned for more information.






