Previous Story
What apps have been infected by the Apple iOS hack?
Posted On Sep 22 2015
Comment: Off
Xcodeghost was able to infiltrate the apps after software developers were tricked into using compromised versions of Xcode, the developer tool kit of Apple.
Apple’s Xcode provides the tools developers need to build iOS apps. Palo Alto Networks has a list of affected apps. Cybersecurity experts say it just goes to show that any device, including those running Apple’s iOS software, can be vulnerable to hackers. Many affected apps have since been updated and are no longer infected by XcodeGhost.
Horwitz searched for a download Xcode using the Chinese search engine Baidu, and found four different forums where people could get unofficial versions of the software toolkit. The hackers convinced app makers in China to download the modified Xcode from the local servers. Some developers of legitimate apps mistakenly downloaded the malware-infected version of Xcode, which secretly embedded malicious code into the apps they were developing.
A security team at Chinese cyber security firm Qihoo360 said that 344 of the 145,000 apps it scanned were found to be infected with the malicious code linked with XcodeGhost, including WeChat, AutoNavi map and Didi Dache. The conditions, according to Wired: “The terms of the offer include the demand that the bug not be reported to Apple or publicly disclosed, the better to allow Zerodium’s customers to use the technique in secret”.
“Customers will be receiving more information letting them know if they’ve downloaded an app/apps that could have been compromised”, the company wrote, though it did not specify when or how users would be notified.
One of the popular apps that were affected was WeChat, where bad versions of it appeared and were available globally. WeChat alone has about 500 million users, and is installed on pretty much every Chinese iPhone, and several other of the infected applications are also hugely popular.
He made the comment after Apple on Sunday confirmed that the App Store had suffered its first large-scale breach.
Palo Alto Networks Director of Threat Intelligence Ryan Olson said the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.
