iOS Vulnerable to Malware Attack, Security Firm Warns
Those who believe Apple doesn't take security as seriously as Microsoft have new fuel: the Kaspersky security company claims that because Apple won't allow companies to develop "true endpoint security" for iOS, iOS will become a malware target, leading to plunging iOS market share.
Eugene Kaspersky told the Register that Apple won't lets his company develop anti-virus software for iOS devices due to the closed nature of Apple's SDK. He warns that iOS's sizable market share makes it a tempting target for malware writers. And because iOS won't have "true endpoint security" from companies like Kaspersky, "That will mean disaster for Apple."
He admits that iOS "is more secure" than other operating systems. Injecting malware into it "is more complicated" than other types of attacks, and so as a result, malware writers have stayed away from it. But eventually, he believes, they will attack. He say that malware writers:
"...are happy with Windows computers. Now they are happy with Mac. They are happy with Android. It is much more difficult to infect iOS but it is possible and when it happens it will be the worst-case scenario because there will be no protection. The Apple SDK won't let us do it."
He predicts that malware writers will take an unusual route to infection:
"The only way is to inject it into the source code of legal software. It will take place in a marketplace and then there will be millions or tens of millions of devices" infected.
As a result of attacks like that, he predicts a decline in iOS market share.
This isn't the first time that Kaspersky has had a run-in with Apple over security. Last month, he claimed that Apple is "ten years behind Microsoft" when it comes to security, and that Apple should emulate Microsoft's approach to security.
Kaspersky certainly has a vested interest in getting Apple to allow his company to develop iOS anti-malware -- there's plenty of money for his company to make if it can sell anti-malware for iOS. But Apple has frequently denied its software has vulnerabilities, and only acts when it's forced to. The recent Flashback trojan attack shows just how vulnerable the Mac is, even though Apple has long downplayed OS X vulnerabilities. If Kaspersky is right, it's only a matter of time before iOS is attacked as well.