Email
Password
Remember meForgot password?
    Log in with Twitter

article imageApp Store security breached as malware found buried inside apps

By James Walker     Sep 21, 2015 in Technology
In what is thought to be a first for the platform, Apple has confirmed its usually secure App Store has been subjected to a large-scale malware distribution effort affecting several major apps used by hundreds of millions of people.
The New York Times reports on the discovery, acknowledged by Apple yesterday. The attack was based in China and was centred around a fake, modified copy of Apple's official Xcode developer tools.
The hackers successfully created their own version, known as XcodeGhost, containing malicious code. The developers managed to get the software into use by several key app creators, allowing it to enter the App Store under the pretence of a standard Xcode app compiled by Apple's tools.
By modifying system APIs in Xcode, XcodeGhost could hijack commands sent by apps to the iPhone. Palo Alto Networks, a security firm that investigated the attack, found that the exploit could be used to hijack URLs, control the user's clipboard facilities and show fake dialog boxes to collect sensitive data such as passwords. XcodeGhost could easily form the basis of a serious phishing operation.
Apps that inadvertently used the software include China's Didi Kuaidi taxi-hailing app and the WeChat messaging service which boasts over 500 million users. Creator Tencent wrote in a blog post that XcodeGhost was used for older versions of its app and that users of the latest edition are not at risk. It added that a preliminary investigation suggested there has been no theft of user data.
Over 300 other infected apps have already been found and the number is likely to grow over the next few days. Apple is taking immediate action by removing any XcodeGhost-based app from the store. The company is working with affected app developers to ensure they are able to move to a legitimate version of Xcode.
Apple spokeswoman Christine Monaghan said to Reuters: "To protect our customers, we've removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
The incident is believed to be the first time that the App Store has successfully come under large-scale, sophisticated attack. Apple's stringent code review guidelines have historically prevented malware from creeping in but the existence of XcodeGhost is a reminder of how no platform can be kept entirely secure.
More about Apple, App, App store, Ios, Malware
 
Latest News
Top News