As part of a paper, researchers at Georgia Tech submitted a malicious app, named 'Jekyll', to Apple's App Store to determine whether the company would spot the virus during the company's review process.
They didn't, reports the MIT Technology Review.
The app, which appears only to display news from Georgia Tech, in fact contained code fragments that would later assemble into a 'malicious digital creature.'
The researchers submited the app to Apple's App Store and through monitoring the progress of 'Jekyll' they established that Apple only ran a review on the app for a few seconds before releasing it.
Fortunately, researchers only allowed the app to stay live for a few minutes giving themselves enough time to install it and attack themselves to trial their theory.
The app was then removed from the Apple Store and took no victims with it.
Long Lu, a Stony Brook University researcher who worked on the 'Jekyll' app says, "The message we want to deliver is that right now, the Apple review process is mostly doing a static analysis of the app, which we say is not sufficient because dynamically generated logic cannot be very easily seen."
In response to the Georgia Tech researchers paper, Tom Neymayr, an Apple Spokesman has said that the company has made changes to its iOS mobile operating system in response but made no comment on the app-review.
Source: MIT Technology Review