Apple, the world’s leading brand, is generally assumed to apply a high degree of safety and security measures to any activity or app launch on the App Store. In fact, buyers, especially professionals, consider security one of the reasons to prefer Apple devices over Android or other smartphones. But Apple’s disclosure of a malicious attack on its App Store has disappointed many of its users and prospective customers. Apple disclosed the news after several cyber security firms pointed out malware in several Apple apps.
This malware arises from a malicious program dubbed XcodeGhost. Xcode is Apple’s official software for developing iOS apps. According to cyber security firm Palo Alto Networks Inc., XcodeGhost has infected various legitimate apps. The list includes WeChat, a popular smartphone chat app, some music apps, the car-hailing app Didi Kuaidi, and many more. Prior to this attack, a total of just 5 apps had been found to be affected by malware in Apple’s history.
Ryan Olson, director of threat intelligence at Palo Alto Networks, revealed the reason for the infection of Xcode. He said hackers embedded the legitimate code in developers’ software, infected the machine, and convinced developers to use the software (Xcode) to develop iOS and Mac apps.
Most of the Chinese developers downloaded this infected version of Xcode from copies hosted elsewhere because, with China’s widespread censorship of the web, connections to domestic servers are comparatively faster than connections to servers in other countries. Not only developers but internet users in general prefer an alternative domestic source for large downloads, which resulted in the insertion of malicious code into the apps. Apple developers believe that many app developers might have ignored the warning from Gatekeeper (Apple’s security software) in order to run the malicious Xcode.
Here is how developers ignore a warning which indicated the software was damaged and should be moved to the trash:
But the Apple intelligence team has assured users that the malware attack was not so effective, and so far no harm due to data theft has been recorded. In fact, Apple has removed from the App Store all the infected apps that were created with the malicious Xcode software. The authorities are also working hard with the developers of legitimate apps to make sure they use the official version of Xcode to rebuild their apps, said Apple spokeswoman Christine Monaghan.
The full official statement by Apple is as follows:
XcodeGhost has been published by its author on GitHub -
The brief analysis shows that the above information is sent to a unique URL via an HTTP POST request.
Apple did not reveal how many infected apps it uncovered or how many users have downloaded those apps. But many researchers predict that the list is long. Palo Alto Networks has published a list of 39 of the affected iOS apps, while Qihoo360 Technology, a Chinese security company, said on its blog that it had detected 344 infected apps.
A researcher at the SANS Institute provides the following useful information for iOS users on its blog. It explains how to check whether your device is infected or not.
So don’t waste a minute: check whether your iOS device is safe from this malicious attack.
I will keep updating the post with the latest news regarding the same. Keep visiting the blog for recent updates, and do take all the safety measures before any infected app hits your device.