

Jekyll on iOS: When Benign Apps Become Evil (while passing App Store review) - Terretta
https://www.usenix.org/conference/usenixsecurity13/jekyll-ios-when-benign-apps-become-evil

======
Terretta
Synopsis: _" A novel attack method that ... allows attackers to reliably hide
malicious behavior that would otherwise get their app rejected by the Apple
review process... make the apps remotely exploitable and subsequently
introduce malicious control flows by rearranging signed code."_

Direct to PDF:
[https://www.usenix.org/system/files/conference/usenixsecurit...](https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_wang_2.pdf)

I thought the idea of using dynamic analysis to find and exploit private APIs
without referencing them in ways app review could find, was inspired.

