The one and first of its kind, a major attack on iOS apple store has surprised everyone, including the Apple itself. The company was considered to be the most secure and error free till now. However the recent case of malware injected malicious programs passing the Apple review process has put things on question. Prior to this, just 5 cases of malicious apps were ever found in App store, confirmed the cyber security firms.
From the moment of inception, Apple Inc APPL.0 has been trying to identify and remove the infected iPhone and iPad programs that are the first large scale attack on this secure and popular software outlet. The company disclosed the news that they have found a malicious malware called as XcodeGhost embedded in hundreds of the authorized apps, and they are cleaning it up.
It has been suggested that the hackers were able to embed these codes by convincing the developers of legitimate software using a counterfeit version of Apple software for the iOS and Mac Apps creation. This version is known as Xcode, said the Apple.
While the Apple spokesperson confirmed that they have removed the apps that were found embedded with the malicious code, from the iTunes store. They also ensured that these app developers will be using the proper and legitimate version of the Xcode to rebuild their apps now onwards. However they did not announced any declaration regarding the steps they will take to confirm whether their devices are infected or not?
The Threat Intelligence firms said these malwares have limited functionality and there is no data related theft or any other harmful effects of the attacks known. However, even after the stringent process of Apple reviews, it comes out as a big deal if Apple store can be compromised with hacking codes. This hints that other attackers might copy this approach and try to do same things in future, which will not be easy to defend.
Hackers duped developers using the bad version or fake version of Apple’s Xcode application development tool, which is being called the XcodeGhost. Interestingly, most of the apps are found to be aimed at Chinese market, including the big name WeChat. Apple has promised to continue work with the developers and provide them with the legit version of the app development tool. One reason of using the duplicate server is being touted to be the slow speed of Apple Servers in China.
Infected apps include Tencent Holdings Ltd’s popular mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase Inc. Developers are being hacked and that’s why they are now a huge target. Research suggests that the tainted version of the Xcode was downloaded from a Chinese servers that developers might have used to get faster download than the usual Apple U.S. servers. The security flaws on several apps like WeCHat were found on the previous versions and there is no leakage of information found till now. A Chinese firm confirmed about 344 uncovered apps to be found. However, how many Apple apps were uncovered is still unknown!