Latest


Chinese apps behind Apple's iOS store attack

  •   Mon, Sep 21 2015 04:20:00 PM

New Delhi, Sep 21 (IANS): Cuppertino-based Apple on Monday said it was removing infected apps from its iOS store which it claims was created using a malicious or counterfeit code affecting mostly Chinese apps.

"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in a statement.

According to experts, the malicious code, called XcodeGhost, was located in a Mach-O object file that was repackaged into some versions of Xcode installers which affected mostly China-based apps like WeChat, Chinese taxi hailing app Didi Chuxing, train ticket purchasing app Railway 12306, and others including popular stock trading apps.

Almost 344 apps tainted with XcodeGhost was found on the store, Chinese security firm Qihoo360 Technology Co said on its blog.

"Keeping in mind Apple's stringent security standards and closed-interface software, the entry of the malicious code into several apps will make iOS users wary of app downloads from the store," Vishal Tripathi, director of research, Gartner India, said.

"Firstly nowadays developers are a huge target and hence this mode of attack may have been used. If the app is compromised, then end-users will start getting affected," he said, adding that Apple must have put in place a way to check the veracity of apps on the iOS store.

Security firm Paloalto Networks, which was the first to detect the malicious code, said XcodeGhost collects information on the devices running infected apps and uploads that data to command and control servers.

The collected information might include current time, current infected app's name, app's bundle identifier, current device's name and type, current system's language and country, current device's universally unique identifier (UUID) and network type.

UUID is an identifier standard used in software construction which is represented in a 128-bit value. The code can also be used to get access to an infected users' iCloud account.

Tencent's WeChat, which was one of the affected apps, in a blog post said "a security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5."

“This flaw has been repaired and will not affect users who install or upgrade WeChat version 6.2.6 or greater, currently available on the iOS App Store," the blog post said.

"A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users' information or money, but the WeChat team will continue to monitor the situation," the company said.

 
  

Top Stories


Leave a Comment

Title: Chinese apps behind Apple's iOS store attack



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like