Apple Suffers Its First Major App Store Malware Attack Affecting Hundreds of Apps

Apple Suffers Its First Major App Store Malware Attack Affecting Hundreds of Apps

Posted by · 21163 views · Translate

Apple has confirmed its first major malware attack affecting hundreds of apps, reports Reuters. A malicious program dubbed XcodeGhost has been embedded in hundreds of legitimate apps.

Hackers managed to embed malicious code into so many apps by convincing developers to download a counterfeit version of Xcode. Developers downloaded the infected version of Xcode from servers in China because it downloaded faster from that server than from Apple's own servers.

"We’ve removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."

Palo Alto Networks examined the code inserted into infected iOS applications. It's capable of performing the following actions:
● Prompt a fake alert dialog to phish user credentials;
● Hijack opening specific URLs based on their scheme, which could allow for exploitation of vulnerabilities in the iOS system or other iOS apps;
● Read and write data in the user’s clipboard, which could be used to read the user’s password if that password is copied from a password management tool.

Additionally, one developer says that XcodeGhost has already launched phishing attacks, prompting users to input their iCloud passwords.

Compromised apps include Tencent Holdings mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase.

Chinese security firm Qihoo360 Technology says it's identified 344 infected apps thus far. Apple hasn't revealed the number of apps it's identified as being compromised and has yet to provide any instructions on how users can check their device for XcodeGhost.

For now we would recommend immediately installing any app updates that come up. Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.

Read More

Apple Suffers Its First Major App Store Malware Attack Affecting Hundreds of Apps

Cp - September 21, 2015 at 9:10pm
" the servers in china were used as opposed to apple's because they were faster"? Was quality & security sacrificed here for the sake of the almighty $? Has anybody followed the $ trail here?
Roger Melly - September 21, 2015 at 8:40pm
Apple need to stamp out jb and vet coding better....
ottifant - September 22, 2015 at 2:57pm
This is NOT JB related at all!
chukaman - September 22, 2015 at 9:01pm
Wtf? This is not about JB...
Vanimox - September 21, 2015 at 1:16pm
If you actually think about it, these applications had to go though apples approval process to even get into the App Store. That being said, what people should really be concerned about is not that developers downloaded a malicious version of Xcode, but rather, that apple actually approved the infected applications that were created with this infected Xcode.
10 More Comments