Ondrej Holzman Apple has to deal with the first serious and large-scale problem with applications infected with dangerous malware after eight years of existence of its software store. He had to download several popular applications from the App Store, which are used by hundreds of millions of users, especially in China.
The malware that managed to infiltrate the App Store is called XcodeGhost and was pushed to developers via a modified version of Xcode, which is used to create iOS apps.
"We have removed apps from the App Store that we know were created with this fake software," confirmed pros Reuters company spokeswoman Christine Monaghan. "We are working with developers to ensure they are using the correct version of Xcode to patch their apps."
Among the most famous apps that have been hacked is the dominant Chinese communication app WeChat, which has over 600 million monthly active users. It is also the popular business card reader CamCard or Uber's Chinese competitor Didi Chuxing. At least with WeChat, according to the developers, everything should be fine. The version released on September 10 contained the malware, but a clean update was released two days ago.
According to security firm Palo Alto Networks, it was indeed a "very malicious and dangerous" malware. XcodeGhost could trigger phishing dialogs, open URLs and read data in the clipboard. At least 39 applications were supposed to be infected. So far, according to Palo Alto Networks, only five apps with malware have appeared in the App Store.
So far, it has not been proven that some data has actually been stolen, but XcodeGhost proves how relatively easy it is to get into the App Store despite strict rules and control. In addition, up to hundreds of titles could have been infected.
Doesn't apple claim that their os is the best and safest in the world? Stupid things are constantly happening, they are constantly prohibited and restricted, and essential things escape them
From what I read, the infected applications were created by infected xcode. I am surprised that if someone is a developer, ie. it specialist that he is using faulty xcode. A subsequent check from apple didn't pick it up. Probably well disguised. I don't know. On Android, however, infection occurs by downloading an application outside ofiko play, agreeing to the application all possible rights, and then you are surprised. It's not the platform's fault. With Apple, it was more insidious in that the infected apps were in the ofiko app store.
iOS is not compromised, so the malware has full control "only" over the application it is in. Plus it can do a few other things that they wrote in the article that a normal application can do (it can monitor the mailbox, create phishing dialogs... ). So it depends on which apps it got into - what the app does and what data it can collect (it will make a difference if I thought of a game or a password manager). The advantage of iOS is that, unlike Android, applications cannot access SMS, so it cannot intercept SMS with confirmation codes for internet banking.
Are you kidding me? :D Yes, of course it's the most secure axis as it's only experienced a few major threats in its lifetime, unlike competing systems that experience one threat after another. Most secure doesn't mean it's completely impenetrable, it just means it's more secure than all the others. And that's him ;)
so that probably explains the state the App Store was in at least yesterday... well, hopefully they'll put it back together soon. Thanks for the info
I apologize to all IT experts for a layman's question - will it be enough if I don't go to the app store until the problem is solved, or am I still in danger?
Don't download anything and don't even leave the house.
Do not deal with it at all and continue to use the device normally. You don't have to worry :)
Thank you:-)
I doubt that developers of such large applications would download Xcode from any reliable source. the file looks like an attack on the local mirrors of Apple's source under the thumb of the state infrastructure in China. Only applications that mainly use users in China were attacked. i.e. the Chinese government is somehow trying to obtain data about its citizens. it's nothing new and it happens a lot in movies.
big companies are steadily fighting the Chinese government. it is a large and interesting market, so they are trying to operate there despite these problems. either this is done in an official way, e.g. in response to the filtering of Google pages, or unofficially, when honest government hackers are trying to mass scan the Gmail accounts of Chinese users
it doesn't even talk about tracking software hard-loaded into the firmware of a ZTE, Xiaomi, etc. phone. There is plenty of evidence on the internet
Hi, I don't know if this is related, but after my iphone told me there was a software update, I installed it and since then one app keeps crashing even after reinstalling…
Bad optimization for the new operating system is to blame, you have to wait until the application itself releases a new update that includes iOS 9 support.
Hey, thanks for the response and help :-)