Previous Story
Apple confirms App Store hack, U.S. apps appear unaffected
Apple usually distributes the tool itself. “Here we have the walled garden of iTunes being toppled by third- party use of a developer software package being distributed out of China”. Some notable examples are CamCard, WinZip, and WeChat.
The developers in China were somehow tricked used tools that carried the malicious code that attacked the apps, according to Palo Alto Networks, a United States security company. They were real apps made by trustworthy developers who unwittingly unleashed this malware onto millions of customers. If it’s rejected, based on Cupertino’s long list of guidelines, it can be appealed to the App Review Board.
However, the authors of this malware took advantage of developer’s need for the Xcode software.
The makers of taxi-hailing app Didi Kuaidi, which claims 200 million regular users, said its software had been infected but denied users’ privacy was compromised.
As regards to the identity of the attackers, the security firm hasn’t identified one yet.
“The techniques used in this attack could be adopted by criminal espionage-focused groups to gain access to iOS devices”, Xiao says.
But users can now breathe easily.
Most of the apps affected seem to be aimed at the Chinese market – the most prominent is WeChat, a WhatsApp competitor with a major following in China. But it told Reuters that the hackers duped legitimate developers into using an infected version of Apple’s app-development software, known as Xcode.
They also encourage them to use the proper version of its Xcode. The report mentions that at least two popular iOS apps were infected. While previous versions ate up a lot of space, the latest one is less than 1.5GB.
The breach was considered to be a rare vulnerability in Apple’s mobile platform and it actually is the first breach of this kind to affect the famous company. The total number of apps that were discovered to be infected by the malware was over three dozen, according to Palo Alto Networks. And thanks to its feature set, many iPhone and iPad users have downloaded and installed the update in the days since its release.
