Late last week Apple was hit with its first major cyber attack in which hackers were able to embed malicious software in hundreds of iPhone and iPad apps. The malicious program named XcodeGhost was implanted by hackers in apps by misleading developers to use a counterfeit version of Apple’s software Xcode.
This security breach came to light after a few cyber security firms reported finding this malicious program in legitimate apps. At this time it looks like the infection is limited to China but a few other countries are now making the list as this continues to unfold.
According to a report from the Wall Street Journal, the list of infected apps includes Tencent Holdings Ltd.’s popular mobile chat app WeChat, Uber-like car-hailing app Didi Kuaidi, and a Spotify-like music app from Internet portal NetEase Inc.
These infected apps can relay information about a user’s device, despatch fake alerts that could be used to access passwords to Apple’s iCloud service, and read and write information on the user’s clipboard, according to researchers.
Claud Xiao, a security researcher from Plato Alto Networks, a U.S.-based cybersecurity firm said, “We believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem.”
On Sunday, Apple issued a statement as to the steps they have since taken to protect customers “we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…