A large-scale attack on Apple’s App Store occurred recently, and it is thought to be the first of its kind. The hack duplicated Apple’s iOS app-building software and prompted developers to download it. The counterfeit software allowed the hackers to steal user data and send it to hacker-controlled servers, BBC reported.
Some applications affected by XcodeGhost include Tencent’s hugely popular WeChat app, a cab-hailing app and a music downloading app. Apple is in the process of deleting malicious code from commonly used iPhone and iPad apps in China.
Palo Alto Networks, a cyber security specialist, examined the malware, called XcodeGhost, and found that hackers can also use the tool to send fake alerts to infected devices. This would trick device users into revealing personal info.
Palo Alto Networks said hackers could also read and modify information on the clipboards of compromised devices. This would enable hackers to see login info copied from password management apps.
WeChat is a hugely popular chat app in China. However, it is not used as frequently in foreign countries. Apart from Tencent’s WeChat app, the affected apps include Didi Kuaidi’s Uber-like cab-hailing app, NetEase’s music downloading app and business card scanner CamCard.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” said Apple spokeswoman Christine Monaghan in a BBC News report.
“We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps,” said Monaghan.
Tencent announced on its WeChat website that the security problem threatened an older version of the app, WeChat 6.2.5. The newer versions were not threatened by the hack. The company’s investigation also revealed that no data theft had occurred.
“In Apple’s walled garden App Store, this sort of thing shouldn’t happen,” said BBC News.
It added, “The company goes to great lengths, and great expense, to sift through each and every submission to the store. Staff check for quality, usability and, above all else, security.”
“Apple’s quality testers, who generally do a very good job in keeping out nasties, but in this case couldn’t detect the threat,” said the report.
The malware was first found by quality-check employees at Alibaba, the Chinese e-commerce firm. “It discovered that the hackers had uploaded several altered versions of Xcode – a tool used to build iOS apps – to a Chinese cloud storage service,” BBC said.
“Then, about six months ago, the attackers posted links to the software on several forums commonly visited by Chinese developers.”