Apple's Bad Apps are More Plentiful and Dangerous than Initially Reported

By

All the due-diligence in the world could not stop the ironclad iOS App store from falling prey to malware. Today, it was announced that several trusted app developers were conned into using counterfeit versions of Xcodes, dubbed XcodesGhost, in application construction. The result, according to initial reports, was approximately 40 apps being infected with malware.

In more recent developments, as reported by WIRED, Apple has removed more than 300 infected apps from the App store. What’s more, the company has found that the bad apples might be more harmful to customers than previously thought.

Initial reports indicated that Palo Alto Networks managed to single out 40 applications that were infected, including banking apps, mobile carrier apps, stock trading apps, messaging services—one of which was WeChat—among others. According to WIRED, the infection was thought to be able to pilfer minute snippets of information, “such as a device’s ID, and the current time.”  

However, updates to the findings of Palo Alto—among other researchers—suggest the apps are also capable of receiving commands from the attacker, making it possible for bad actors to read and write data to a user’s clipboard, prompt fraudulent alerts on a user’s display, and open certain URLS—some of these tactics make it possible to phish data, for example, by stealing passwords. While many of the 300-plus apps were for the Chinese market, some such as ‘CamCard’ are used in the United States.     

Xcodes is an authentic software development tool from Apple that allows for the creation of iOS and Mac apps. In this case, cyber criminals were able to leverage Chinese developers’ limited access to Internet-downloaded software. Scammers created a counterfeit version of Xcodes, and made it more immediately available to legitimate app developers, who subsequently embedded their iOS applications with the malware. Apple, despite its draconian approval process, was blindsided.

Image via Shutterstock

At last report, Apple told the Guardian that the company had removed all infected apps from the App store, and was ensuring that the developers were employing the correct version of Xcodes.

The Cupertino computer makers’ App store has long been regarded as a safer environment than Android’s Google Play, but even Apple has chinks in its armor. At present, the take away seems to be a rehash of the old refrain, “you can never be too careful,” especially when it comes to cybersecurity in today’s digital landscape of threats.

More updates and expert analysis may follow




Edited by Maurice Nagle
SHARE THIS ARTICLE
Related Articles

SEPTA Puts ZeroEyes on Public Gun Safety

By: Greg Tavarez    11/28/2022

SEPTA looked to ZeroEyes to start a pilot program designed to reduce the likelihood of gun-related violence on train platforms.

Read More

Brand Interaction in Metaverse? Consumers Express Excitement

By: Greg Tavarez    11/25/2022

Almost three-fourths of consumers believe brand interactions in the metaverse are in a position to replace brand interactions in the real-world, or at…

Read More

WB Trading Review Guide To Top Tech For Trading Success

By: Contributing Writer    11/23/2022

There are many different types of technology that you can use when it comes to trading investments. This WB Trading review will discuss some of the to…

Read More

United (Fungi) Front: Industry Leaders Join Forces to Advance Sustainable Protein

By: Matthew Vulpis    11/18/2022

Mush Foods teamed up with several fungi fermentation companies from abroad to form a new international trade association: The Fungi Protein Associatio…

Read More

What Is Banking CRM and How Can It Help You?

By: Contributing Writer    11/15/2022

When most people think about CRM, they think about sales and marketing. But CRM banking is a powerful tool that can help banks and credit unions impro…

Read More