Apple's Biggest 'Hack Attack' Hits iPhone Users

by CXOtoday News Desk    Sep 21, 2015


Hundreds of legitimate apps in the iOS App Store have been infected with malicious code, as Apple struggled to cope with its first large-scale breach of the OS that runs iPhones and iPads. Known as XcodeGhost in the cyber world, the malicious version of the development tool injected extra code into scores of legitimate apps, with reportedly 344 known exploits, said a Business Insider report, which added that this code could sneak through Apple’s formerly watertight submission process.

Xcode itself is free to download from Apple’s Mac App Store, but Chinese developers may have been fooled into using an alternative download that claimed to be quicker. The affected apps include messaging app WeChat, car-hailing app Didi Kuaidi and music app NetEase Cloud Music. All the apps known to have been affected by the attack are only available on the Chinese App Store.

On the positive side, the malware has limited functionality, and no instances of data theft or other harm as a result of the attack have been uncovered so far.

The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple’s software for creating iOS and Mac apps that is known as Xcode, Apple told Reuters.

Ryan Olson, director of threat intelligence at Palo Alto Networks, said in a statement that the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack. However, he said it was “a pretty big deal” because it showed that the app store could be compromised. “Other attackers may copy that approach, which is hard to defend against.”

“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan told Reuters. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

Analysts say the tainted version of Xcode was downloaded from a server in China that developers may have used because it allowed for faster downloads than using Apple’s US servers.