French Company Intego Release First iPhone Malware Scanner


This is quite an interesting story as it’s very closely related to the story we published earlier this week – Malicious PDF Files To Exploit iPhone & iPad Zero Day In The Wild. Hot on the tail of that news is the first-ever malware scanning app for iOS devices (iPhone/iPad etc) from a French security company called Intego.

The odd thing is the app can’t scan the filesystem of the device due to the iOS sandbox – but it can scan remotely hosted files (e-mail attachments, files in your Dropbox account and on on).

It’ll be interesting to see what kind of response this app gets and if people will be interested in purchasing it.

A French security company known for its Mac OS X antivirus software today released the first malware-scanning app for the iPhone and iPad and iPod Touch. Intego’s VirusBarrier for iOS has been approved by Apple, and debuted on the App Store Tuesday for $2.99.

Because iOS prevents the program from accessing the file system or conducting automatic or scheduled scans — as do virtually all Mac and Windows antivirus software — VirusBarrier must be manually engaged, and then scans only file attachments and files on remote servers, said Peter James, a spokesman for Intego.

“Because of the sandbox, you can’t scan the file system,” said James. “Since you don’t see the iOS file system, the only things you can scan are attachments sent by email or files in, say, your Dropbox folder.”

Unlike software written for Android — such as Lookout, from the San Francisco-based company by the same name — VirusBarrier cannot scan apps for possible infection. When an email attachment is received by the iPhone, iPad or iPod Touch, the user can intercede by calling on VirusBarrier, which then scans the file for possible infection before the file is opened or forwarded to others.

“We’ve had enterprise customers say that although they know you can’t do a full system scan of an iPhone, they don’t like the fact that files go through these devices and end up on a Mac or Windows PC,” said James. “They want their users to be able to check that an attachment is safe.”

It also can’t scan apps for possible infection, which is kind of weak – but I guess it’s supportive of the walled garden approach implemented by Apple. Seen as though all official apps are vetted by Apple there shouldn’t be any infections anyway (unless the user executed a JailBreak their device).

Symantec did make some kind of push into the iOS market in October 2010, but I’m not sure what came of it – Symantec Expands Security Products To Cover Android & iOS.

With the whole model Apple is running on the iOS platform – there honestly isn’t that many vectors for attack.


He characterized VirusBarrier for iOS as a way for iPhone and iPad users to prevent their hardware from spreading malware. “You don’t want your iPhone becoming a ‘Typhoid Mary,'” James said.

VirusBarrier for iOS can scan email attachments in a variety of formats, including Microsoft’s Word, Excel and PowerPoint; PDF documents; JavaScript files; and Windows executables, those files tagged with the .exe extension. It can also scan files in a Dropbox folder, those stored on MobileMe’s iDisk, or files downloaded via the iOS version of Safari. The scanning engine and signatures — the digital “fingerprints” used to detect malware — in VirusBarrier for iOS are identical to those used by Intego’s Mac OS X product line.

VirusBarrier for iOS lets iPhone and iPad users run on-demand scans of email attachments before those files are opened or forwarded.

“It’s important that people understand what [VirusBarrier] can and cannot do,” said James, pointing to the malware scanner’s limitations. “Although there is no malware written for iOS today, if attackers do try to exploit the [recent] PDF vulnerability, this is something we can scan for.”

James was referring to the still-unpatched vulnerability in iOS that can be exploited through a malicious PDF document, one of two bugs used last week to “jailbreak” an iPhone , iPad or iPod Touch. VirusBarrier for iOS can be downloaded to an iPhone, iPad or iPod Touch from Apple’s App Store. It requires iOS 4.0 or later.

You can check out the app on Apple’s App Store here:

VirusBarrier By Intego

Basically the purpose of the app seems to more towards halting malware application on the iPhone – rather than preventing the device itself getting infected. You can read a lot more about it on the App Store description.

Source: Network World

Posted in: Apple, Countermeasures, Malware, Security Software

, , , ,


Latest Posts:


APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.


2 Responses to French Company Intego Release First iPhone Malware Scanner

  1. Bogwitch August 14, 2011 at 11:13 pm #

    Hey Darknet, is it worth me drawing your attention to these or are you on top of it?

    • Darknet August 15, 2011 at 11:27 am #

      I’m on it like chronic, prefer you don’t tbh because it just gives me another thing to delete :D Thanks tho!