All the due-diligence in the world could not stop the ironclad iOS App store from falling prey to malware. Today, it was announced that several trusted app developers were conned into using counterfeit versions of Xcodes, dubbed XcodesGhost, in application construction. The result, according to initial reports, was approximately 40 apps being infected with malware.
In more recent developments, as reported by WIRED, Apple has removed more than 300 infected apps from the App store. What’s more, the company has found that the bad apples might be more harmful to customers than previously thought.
Initial reports indicated that Palo Alto Networks managed to single out 40 applications that were infected, including banking apps, mobile carrier apps, stock trading apps, messaging services—one of which was WeChat—among others. According to WIRED, the infection was thought to be able to pilfer minute snippets of information, “such as a device’s ID, and the current time.”
However, updates to the findings of Palo Alto—among other researchers—suggest the apps are also capable of receiving commands from the attacker, making it possible for bad actors to read and write data to a user’s clipboard, prompt fraudulent alerts on a user’s display, and open certain URLS—some of these tactics make it possible to phish data, for example, by stealing passwords. While many of the 300-plus apps were for the Chinese market, some such as ‘CamCard’ are used in the United States.
Xcodes is an authentic software development tool from Apple that allows for the creation of iOS and Mac apps. In this case, cyber criminals were able to leverage Chinese developers’ limited access to Internet-downloaded software. Scammers created a counterfeit version of Xcodes, and made it more immediately available to legitimate app developers, who subsequently embedded their iOS applications with the malware. Apple, despite its draconian approval process, was blindsided.
At last report, Apple told the Guardian that the company had removed all infected apps from the App store, and was ensuring that the developers were employing the correct version of Xcodes.
The Cupertino computer makers’ App store has long been regarded as a safer environment than Android’s Google Play, but even Apple has chinks in its armor. At present, the take away seems to be a rehash of the old refrain, “you can never be too careful,” especially when it comes to cybersecurity in today’s digital landscape of threats.
More updates and expert analysis may follow.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
SEPTA looked to ZeroEyes to start a pilot program designed to reduce the likelihood of gun-related violence on train platforms.
Almost three-fourths of consumers believe brand interactions in the metaverse are in a position to replace brand interactions in the real-world, or at…
There are many different types of technology that you can use when it comes to trading investments. This WB Trading review will discuss some of the to…
Mush Foods teamed up with several fungi fermentation companies from abroad to form a new international trade association: The Fungi Protein Associatio…
When most people think about CRM, they think about sales and marketing. But CRM banking is a powerful tool that can help banks and credit unions impro…