silversurfer

Level 53
Verified
Trusted
Content Creator
Malware Hunter
SQLite databases can be modified in such a way that they execute malicious code inside other apps that rely on them to store data, security researchers have revealed.

In demos presented at the DEF CON security conference in Las Vegas today, Check Point security researcher Omer Gull showed demos of a tainted SQLite database hijacking the command and control server of a malware operation, and malware using SQLite to achieve persistence on iOS devices.

The idea is that vulnerabilities in how third-party apps read data from SQLite databases allows a third-party to hide malicious code in the SQLite database's data. When the third-party app, such as iMessage, reads the tainted SQLite database, it also inadvertantly executes the hidden code.