Apple Weathers The First Major Malware Attack On Its App Store

22 Sep 2015

Apple Confirms Malware-Infected Apps Found And Removed From Its Chinese App Store.

BEIJING • Apple Inc. has removed some applications from its App Store after developers in China were tricked into using software tools that added malicious code in an unusual security breach.

Apple has confirmed a security breach in its Chinese App Store which saw nearly forty popular applications infected with malware – a result of app developers being tricked into downloading a compromised version of Apple’s Xcode developer tool kit. App developers who downloaded key Apple software from somewhere other than the company’s App Store inadvertently stuck viruses into several big-name apps, mostly in China. The breach, first discovered by researchers at Alibaba Mobile Security, affected a number of popular apps in the region, including WeChat, Didi Kuaidi (an Uber-like service), business card scanning app CamCard, and several others. The iPhone, iPod and iPad apps laden with malicious code allow hackers to send people to counterfeit websites, where usernames and passwords could be harvested, or access data that are being copied and pasted. Messaging app WeChat, Chinese ride-hailing app Didi Kuaidi and contacts app CamCard were among those affected, cybersecurity company Palo Alto Networks reported last week.

However, the shares appear to be responding to the positive news of the day, which is Canaccord Genuity’s Mike Walkley reiterating a Buy rating and raising his price target to $160 from $155 after concluding that “Apple will maintain very strong share of the premium tier smartphone market” with its recently released iPhone 6s and 6s Plus, which go on sale at retail this Friday. Walkley sees half a billion people using the iPhone at the end of this calendar year, helped by switchers from Google’s (GOOGL) Android who had abandoned Apple’s platform during prior iPhone cycles: We believe the new Apple installment plan programs combined with similar to more aggressively priced installment programs from leading carriers will improve the rate of iPhone upgrade sales to the growing installed base of iPhone users. The malicious code spread through a counterfeit version of Apple’s Xcode tools used to create apps for its iPhones and iPads, according to the company. In fact, with only 27% of the iPhone installed base having upgraded to the iPhone 6/6 Plus devices by the end of Q3/F15, we anticipate continued strong replacement sales through C2015 and beyond.

Apple only recently began storing data on servers in China, a move that makes accessing photos, movies and documents much quicker for the millions of people in China who are taking up the iPhone. But to even install this affected version of the Xcode software, developers had to ignore a warning which indicated the software was damaged and should be moved to the trash. In other words, Apple’s Gatekeeper technology, which prevents non-App Store and unsigned versions of programs, like Xcode, from being installed, was doing its job. Apple didn’t immediately say whether it also stores apps in China, but generally downloads are slow because of China’s distance from the company’s servers and the country’s extra firewalls.

But as apps built using the fake versions reached the App Store, malicious code secretly passed within them, potentially affecting hundreds of millions of consumers. Hackers are increasingly looking for new ways to target mobile apps and devices, including iPhones, because they are so widely used by many consumers, added Darren Hayes, a cyber-security expert at Pace University in New York. Some of those instructions included a prompt that would be a fake alert that phished for user credentials; a way to hijack opening special website URLs, which would allow for further exploitation in the iOS system; and the ability to read and write data to the user’s clipboard, which could be used to read the user’s password in case the password was copied from a password management tool. The creators of this malware took advantage of public frustration with Beijing’s Internet filters, which hamper access to Apple and other foreign websites. It’s unclear who’s behind the attack at present, the security firm says, but it did indicate that the techniques used could be those that “criminal and espionage groups” would use to gain access to iOS devices.

Version 6.2.6 of the app is not affected. “Most of the time, everything turns out fine,” Tod Beardsley, security research manager at Rapid7, said in a prepared statement. “It’s not that developers are dumb and don’t know the risks; they simply consider the risk extremely unlikely, and if it’s slightly more convenient to ignore one or two security best practices, they will proceed accordingly.” The company also says it’s working with developers to make sure their apps are not at risk and that they’re using the proper version of Xcode. “Apple takes security very seriously and iOS is designed to be reliable and secure from the moment you turn on your device.”

A fake version of one of these tools was posted by untrusted sources which may compromise user security from apps that are created with this counterfeit tool. The company disclosed the effort after several cyber security firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps. Parent company Tencent has since posted to its official blog confirming the discovery of the security flaw, noting that only those who were running WeChat v6.2.5 for iOS would have downloaded the infected version of its app.

In addition, Tencent said that its initial investigations showed that there had been “no theft and leakage of users’ information or money,” but the company would continue to monitor the situation closely. For starters, it’s unclear at this time how many users may have actually downloaded the malware-laden apps while they were available on the store, and how these users will be notified to upgrade to the most recent version. In addition, years ago, Apple founder and CEO Steve Jobs confirmed that Apple did, in fact, have a “kill switch” of sorts to remove apps from users’ devices.
