XcodeGhost Creeps into iOS App Store, Malware Originated from China

By

Apple has run into another problem with their software. Due to a malicious version of the Xcode development software in China, several apps in the App Store are now infected.

The Cupertino-based tech giant's App Store has been criticized to be very strict about the incoming apps. However, it's that trait that led to a secure apps ecosystem for iOS devices. Unlike Android's Google Play Store, there has just been a small number of malware outbreaks.

Now, there is another malware attack on Apple's App Store and it is considered to be the worst so far. The hackers distributed a modified version of Apple's Xcode program and is dubbed as XcodeGhost, according to Palo Alto Networks. In total, this is the sixth time that the App Store has been infected with malware.

Even popular apps were not safe from being infected. WeChat, a widely popular messaging app across the globe, was also infected. There are also other apps that were infected such as stock trading apps, games and even mobile carrier apps.

Apple has said that they are already on top of the situation. Spokeswoman Christine Monaghan told Reuters in an email that they are removing the infected apps from the App Store. She added that they are also working alongside the app developers to guarantee that they are now using the clean and original version of the Xcode in rebuilding their apps.

Xcode is officially distributed by Apple. However, the developers want to download it faster in China. Instead of downloading it from Apple's official servers, they got the modified version of Xcode on Baidu, a popular cloud file sharing service in China.

Since Xcode is originally from Apple, apps made using the XcodeGhost pass through Apple's code review process, according to Mac Rumors. These infected apps are now free to download for the millions of iOS device users not only in China, but all around the world.

What can the XcodeGhost do to iPhones and iPads? It can collect several types of information from the devices such as the device name, time, language and country, and a lot more. Palo Alto Networks also reported that the hackers can send a fake alert dialog for phishing attempts.

To avoid being infected further, iOS device users should uninstall any of the iOS apps listed by Palo Alto Networks. It's also advised to reset any crucial passwords.

Tags
Apple

© 2024 VCPOST.com All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics