First-Of-Its-Kind Hack On China Apple App Store; Counterfeit IOS App Building Software Used To Steal Data, Send It To Hacker-Based Servers


First-Of-Its-Kind Hack On China Apple App Store;  Counterfeit IOS App  Building Software Used To Steal Data

First-Of-Its-Kind Hack On China Apple App Store;  Counterfeit IOS App  Building Software Used To Steal Data, Send It To Hacker-Based Servers

A  large-scale attack on Apple’s App Store occurred recently and it is thought to be the first of its kind. The hack duplicated Apple’s IOS app building software and prompted developers to download it. The counterfeit software was used to allow the hackers  to steal user  data and  send it to hacker-controlled servers, BBC reported.

Some applications affected by the XcodeGhost include Tencent’s hugely popular WeChat app, a cab hailing app and a music downloading app. Apple is in the process of deleting malicious code from commonly used iPhones and iPad app in China.
Cybersecurity Palo Alto Networks, a cyber security specialist,  examined the malware called XcodeGhost and they found hackers can also send fake alerts to infected devices using the tool. This would trick device users to reveal personal info. 
Paolo Alto Networks said hackers  could also read and modify information found on clipboards from compromised devices. This would enable hackers to see  login info  copied from password management apps.
WeChat is hugely popular chat app in China. However, it is not used as frequently in foreign countries. Apart from Tencent’s WeChat app,  Didi Kuaidi’s Uber-like cab hailing app, NetEase’s music downloading app and business card scanner CamCard.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” said Apple spokeswoman Christine Monaghan in a BBC News report.
“We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps,” said Monaghan.
Tencent announced on its WeChat website the security problem threatened an older version of the app WeChat 6.2.5. The newer versions were not threatened by the hack. The company’s investigation also revealed that no data theft had occurred. 
“In Apple’s walled garden App Store, this sort of thing shouldn’t happen,” said BBC News.
It added, “The company goes to great lengths, and great expense, to sift through each and every submission to the store. Staff check for quality, usability and, above all else, security.”
“Apple’s quality testers, who generally do a very good job in keeping out nasties, but in this case couldn’t detect the threat,” said the report.
The malware was first found by quality-check employees at Alibaba, the Chinese e-commerce firm. “It discovered that the hackers had uploaded several altered versions of Xcode – a tool used to build iOS apps – to a Chinese cloud storage service.” BBC said.
“Then, about six months ago, the attackers posted links to the software on several forums commonly visited by Chinese developers.” 

What's Your Reaction?

Angry Angry
0
Angry
Lol Lol
0
Lol
Love Love
0
Love
OMG OMG
0
OMG
Sad Sad
0
Sad
Scary Scary
0
Scary

Comments 0

Your email address will not be published.

log in

Don't have an account?
sign up

reset password

Back to
log in

sign up

Back to
log in
Choose A Format
Story
Formatted Text with Embeds and Visuals
Image
Photo or GIF