Apple removes Windows malware from iOS App Store

Apple removes Windows malware from iOS App Store

Summary: Malware hit the iOS App Store. Don't worry though: it won't harm your iPhone, iPad, or Mac (your Windows computer is a different story, but even that is a long shot), and Apple has already removed it.


On Tuesday, an iOS app in the App Store was discovered containing malicious Windows executable files. While this meant your iPad, iPhone, iPod touch, and Mac could not be infected, even Windows users were relatively safe since the malware had to be manually extracted from the iOS application package. Either way, Apple quickly removed it.

iOS user "deesto" posted the following message in the Apple Support Communities forum in a post titled "apps reported as virus" (via CNET):

I just downloaded two apps from iTunes, and one of them has been flagged by ClamXav as being a virus:
-Quotes for Cards (for Instagram)

2012-07-24 10:19:21 /Users/{me}/Music/iTunes/Mobile Applications/Downloads/Instaquotes-Quotes Cards For Instagram.tmp/Info.plist: OK
2012-07-24 10:19:22 /Users/{me}/Music/iTunes/Mobile Applications/Downloads/Instaquotes-Quotes Cards For Instagram.tmp/ Worm.VB-900 FOUND
2012-07-24 10:19:24 /Users/{me}/Music/iTunes/Mobile Applications/Instaqoutes 1.0.ipa: Worm.VB-900 FOUND

I let ClamXav move it to the trash, but what else can/should be done? How can I verify whether this is actually a virus? A search for information on the app turned up very little, and nothing at all with reference to a possible virus or malware.

In short, the app called "Instaquotes-Quotes Cards For Instagram" was being flagged by the user's antivirus as a worm. While some argued this was a false positive, it was quickly confirmed the iOS package included a threat identified as Worm.VB-900 by ClamAV and Worm:Win32/VB.CB by Microsoft.

The app in question had been in the App Store since July 19. Over the weekend, its price was temporarily slashed from $0.99 to free. It is unknown how many users downloaded the infected app while it was available, and Apple is unlikely to share such information.

Within hours of the report, Apple removed the app from the App Store. The developer "Appsstand" then posted the following message in the same forum topic:

Thank you For Emailing is us about the Infected app , We are Now working with apple To Push the Updated app the the appstore . Thanks

It's not entirely clear whether the malware's inclusion inside the app was done on purpose. Given that it wasn't exactly set up to infect a computer upon download, it's most likely this was an accidental inclusion due to an the developer's computer being infected.

Apple needs to start scanning for Windows malware as well as Mac and iOS malware when developers upload their apps to the company's app repository. A simple extraction and scanning of all the files from the iOS app package would have prevented this threat from getting onto the iOS App Store.

See also:

Topics: Security, Apple, Apps, iOS, Malware, Windows

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Like normal

    Apple & Linux users need to help scan for windows malware.. Just because it don't affect us we need to think about others.. osx I recommend clam, linux clam or avast..

    just do a regular scan once a month, don't need to waste cpu cycles on stuff running in memory..
    Anthony E
    • Yeah, Take no reponsibility

      Pass around every virus known to man. If it doesn't affect you then who cares right? Hopefully your bank get's this virus and it takes all your money.
  • so why do they screen apps?

    This is not the first time they overlook something and then try to save face...
  • Yes

    It has already become a tradition.

    For full computer protection I want recommend Adware Remover: