Previous Story
Apple’s App Store suffers first major malware attack; WeChat among China
Posted On Sep 23 2015
Comment: Off
Earlier this week, Apple finally released the public version of its latest operating system iOS 9, though the roll out was not without issues as several iPhone and iPad users complained of problems such as bugs, Wi-Fi drops, apps crashingand failed installs. The malware, dubbed XcodeGhost, was embedded in legitimate iPhone and iPad apps and arose from app developers using a counterfeit version of Xcode, Apple’s software for creating iOS and Mac apps.
As of the time of the writing of the blog on Friday, Palo Alto Networks said 39 iOS apps were infected. This is how the malicious code was embedded in these apps.
‘We’ve removed the apps from the App Store that we know have been created with this counterfeit software, ‘ Apple spokeswoman Christine Monaghan said in an email. Majority of the infected apps seemed to be aimed at the Chinese market.
Chinese safety agency Qihoo360 Technology Co stated on its weblog that it had uncovered 344 apps tainted with XcodeGhost. Worse, apps infected with XcodeGhost manage to bypass the usual strict review process, allowing apps to go public on the App Store containing the malware. Though this news might be music to the ears of Google, but it isn’t to many an iOS users worldwide.
Apple has reported its first sustained security breach on its iOS software platform. The company said other attackers may copy the approach, with developers now forming a huge target. It is safe to say that the iOS is a total victor .
WooYun said developers downloaded the Xcode from non-official channels, through which third-party’s codes were able to enter the apps. As app makers checked to see whether their products had been infected, Apple and security researchers worked to find and get rid of the bad versions of Xcode, which were all on a cloud hosting service owned by the Chinese Internet company Baidu.
The attack affected over three dozen apps according to a US based firm of cybersecurity. Xcode is available to developers for free, but there are some advantages to using forked versions that may offer additional content outside of Apple’s official boundaries.
