![]() ![]() Xiao adds that searching for Xcode via Google's Chinese site results in a link to the malicious version of Xcode appearing on the first page of search results, and notes that download links to the malicious version of Xcode were also posted to numerous forums and websites frequented by Chinese iOS developers, beginning in March. ![]() One of those sources, however, turned out to be a malicious version of Xcode - hosted on the Baidu Pan cloud service - that was advertised as being a faster way to download the development tools. "As the standard Xcode installer is nearly 3GB, some Chinese developers choose to download the package from other sources or get copies from colleagues." "In China - and in other places around the world - sometimes network speeds are very slow when downloading large files from Apple's servers," Palo Alto Networks senior security researcher Claud Xiao says in a blog post. Security experts say attackers snuck the malicious apps onto Apple's App Store by distributing a malicious version of Apple's official Xcode development tool, which is used for developing iOS and Mac OS X apps.ĭownloading the software from Apple's official Mac App Store, however, can be a slow process for China-based developers. NetEase, meanwhile, says that a newly released version of its music player eliminates the malware. Tencent has confirmed that the 6.2.5 version of WeChat is infected, and urged customers to upgrade to 6.2.6 to mitigate the flaw, although it says that it preliminary investigation found no evidence that the malware stole users' private information or resulted in data leakage. Multiple development firms, including Tencent, NetEase and Jianshu, have issued statements about their affected products and detailed how customers can ensure they are running an XcodeGhost-free version of their apps. ![]() "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps." "We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan tells Reuters. For example, WeChat is widely used across the Asia-Pacific region, while business card scanning program CamCard - which is developed by a Chinese company - is the most-downloaded business card reader and scanner in many countries, including the United States.Īpple has now excised the malicious apps from its App Store. Other infected Chinese-language apps included China's most popular car-hailing app, Didi Kuaidi a streaming-music app from Internet portal NetEase the Railway 12306 app, which is the country's only official app for purchasing train tickets and a mobile banking app from China CITIC Bank.īut not all of the infected apps were limited to China. The malicious apps, Palo Alto Networks says, included Tencent's WeChat app, which has an estimated 600 million users, although not all of them would be using the iOS client. Its researchers were the first to document the malware on Sept. The name XcodeGhost was first coined by researchers at Alibaba Mobile Security, a mobile anti-virus division of China-based Alibaba Group Holding. Prior to the attack, cybersecurity firm Palo Alto Networks reports, only five malicious apps had ever been discovered in the app store. 20 confirmed that it had deleted malicious iPhone, iPad and iPod Touch software after multiple information security firms warned that "XcodeGhost" malware had been found embedded in otherwise legitimate apps, many of which were aimed at Chinese-language speakers.Ĭhinese Internet security firm Qihoo360 Technology says in a blog post that it detected 344 XcodeGhost-infected apps being distributed via the official Apple App Store. See Also: OnDemand Webinar | Learn Why CISOs Are Embracing These Top ASM Use Cases NowĪpple on Sept. Apple is moving to contain an outbreak of malware-infected apps that may have been downloaded by hundreds of millions of iOS App Store users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |