Jekyll on iOS: When Benign Apps Become Evil
“Jekyll apps do not hinge on specific implementation flaws in iOS,” the paper explains. “They present an incomplete view of their logic (i.e., control flows) to app reviewers, and obtain the signatures on the code gadgets that remote attackers can freely assemble at runtime by exploiting the planted vulnerabilities to carry out new (malicious) logic.”
Assembling malicious logic at runtime avoids detection by reviewers and by automated methods of static analysis, a way to analyze program code without actually executing the instructions.
The full Usenix paper is available here.