Legendary security researcher Charlie Miller has proven that the Apple App Store can be stocked with infected apps despite Apple’s closed ecosystem, strict code signing and code review process. He submitted a fake stock ticker app called Instastock to Apple as a proof of concept, and Apple accepted it.
Instastock let Charlie demonstrate that, once it was downloaded from the App Store, the app could ping his server at home and download another file.
So what was Charlie’s exploit, given that iOS typically runs only signed code?
Charlie notified Apple about this bug almost 3 weeks ago, but did not tell Apple that he had actually published Instastock to prove the vulnerability. He tweeted yesterday: “For the record, without a real app in the AppStore, people would say Apple wouldn’t approve an app that took advantage of this flaw.”
Apple reacted by banning Charlie’s Apple Developer account for a year.