View Full Version : Don't know about you but I like Apple's App approval policy

Jun 7, 2010, 05:00 PM
So, like it or not, Apple are pretty strict on App approval. Just think though, if you had a different handset running Windows Mobile and downloaded this game (with no approval/signatures etc), look what could happen to you (and your wallet);

Miscreants have created a Trojaned version of a Windows mobile game that makes expensive international phone calls from compromised smartphones.

Pirated versions of 3D Anti-terrorist action, a first-person shooter developed by Beijing Huike Technology in China, and uploaded onto several Windows Mobile freeware download sites, come with a nasty add-on courtesy of Russian virus writers. Compromised phones start attempting to silently make expensive international calls without user involvement, as reported in a thread on the XDA-Developers' forum, featuring the experience of a UK victim of the Trojan.

Analysis of the malware by Finnish security firm F-Secure reveals that the malicious code initiates several phone calls to international premium-rate numbers. Presumably VXers receive a percentage of the resulting revenue.

In any case, F-Secure Mobile Security has been updated to detect and block Trojanized versions of this game. Other anti-virus firms can be expected to follow, though the best defence is not to download copies of the game in the first place, of course.

A full write-up of the threat, complete with screenshots, can be found in an informative blog posting by Mikko Hypponen, chief research officer at F-Secure, here.

Using illicit copies of mobile games to trick users into downloading malware has happened before, albeit infrequently, and is far from restricted to Windows mobile devices. F-Secure compares the latest Trojan mobile game to a game called Mosquitos from six years back that bit users of Symbian smartphones by sending premium-rate SMS messages.

Please Apple, don't stop being so strict on the App Store. I like the fact that stuff like this won't happen to me.


Jun 7, 2010, 09:20 PM
The app store approval policy didn't help Apple with the SMS exploit.

Jun 8, 2010, 03:36 AM
Which SMS exploit?