Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Mobile Tech
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Is Fake iMessage App Malware or Not?
Is Fake iMessage App Malware or Not?

By Jennifer LeClaire
September 24, 2013 1:32PM

    Bookmark and Share
Although there are a growing number of Android malware headlines in tech news lately, it's not clear if the iMessage Chat app for Android, which lets Android users chat with Apple iOS users, directly fits the bill, said Ken Pickering, director of engineering at CORE Security.
 



For all the talk about hackers cracking Apple's Touch ID security, there's another Apple-related threat that should be on the smartphone world's radar screen. But this one comes with a twist.

And here's the twist: It's not Apple users who are at risk. It's Android users who think they are looking at an Apple app.

The app is called iMessage Chat and it's available for free from the Google Play Store. The app lets Android users chat with iOS users, much like BBM (BlackBerry Messenger) lets BlackBerry users chat with other platforms. But it reportedly reads your messages, installs malware on your device, and even steals your Apple passwords.

Accessing the Secret Sauce

Jay Freeman, an application developer best known for creating the Cydia app store for jailbroken iPhones, is sounding the alarm. He explained the way it works: The client directly connects to Apple, but the data is all processed on the developer's server in China.

"This not only means that Apple can't just block them by IP address, but also that they get to keep the 'secret sauce' on their servers (and potentially just run Apple code: there are some parts of the process in Apple's client code that is highly obfuscated)," he wrote on a Google+ post.

Freeman explained that every packet from Apple is forwarded to 222.77.191.206, which then sends back exactly what data to send to Apple, along with extra packets that he presumes tell the client what's happening so it can update its user interface. Likewise, he said, if the client wants to send a message, it first talks to the third-party server, which returns what needs to be sent to Apple. The data is re-encrypted as part of this process, he continued, but its size is deterministically unaffected.

"Clearly, this is suboptimal from a security perspective. Is this the kind of thing that Google gets involved in?" he asked. "The developer is even responding to reviews about login issues asking only for user's Apple IDs, which makes it sound like even the authentication must be under his direct control (where it can be logged and debugged given only the username). Arguably, though, the app does do what it claims to do ;P."

Is It Really Malware?

Ken Pickering, director of engineering at CORE Security, pointed to the growing number of Android malware headlines in tech news lately. But he told us he's not sure if this application directly fits the bill.

"It's hard to know if it's a bad application or a phishing attempt. They're not informing users that their credentials and messages are likely stored on developer servers and it doesn't seem to do what it claims -- according to the Verge's test -- that could be because Apple has blocked its servers, or it may be a ham-handed attempt to farm credentials," Pickering said.

"But, the general rule of thumb for all mobile app installers: review the security information Android gives you when you install an app, and be careful about entering any external credentials into any third-party application unless you trust them completely," he added.
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Mobile Tech
1.   Nokia X Phones Had Identity Crisis
2.   GoTenna: Work-Thru for Dead Zones
3.   Microsoft Axes Android Phones
4.   Apple-IBM Deal Weighs on BlackBerry
5.   Google Adds Features to Wallet App


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Review: Microsoft's Surface Pro 3
Is it a tablet and laptop replacement?
Average Rating:
Nokia X Phones Had Identity Crisis
'Gateway' devices didn't resonate.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 
Large-Volume DDoS Attacks Hit Record in 2014
The number of distributed denial-of-service (DDoS) attacks set a record in the first half of 2014, according to a report by Arbor Networks. The number of attacks over 20 GB/sec doubled.
 
U.N.: Nations Hide Rise in Private Digital Snooping
Governments on every continent are hiding an increasing reliance on private companies to snoop on citizens' digital lives, the U.N. human rights office says, with grave concerns about privacy.
 

Enterprise Hardware Spotlight
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 
Another Day, Another Internet of Things Consortium Is Born
In the emerging Internet of Things, zillions of devices will be talking to each other. Samsung, Intel and Dell just formed a consortium to ensure each thing can understand what others are saying.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.