Modified versions of Xcode used to sneak malware into App Store, Apple confirms

21 Sep 2015 | Author: | No comments yet »

Apple Targeted as Malware Infects China Mobile Apps.

Apple cleaned the App Store of apps containing malware today, having discovered a long con that saw developers using infected software tools, inadvertently turning their legit apps into data-collection tools for hackers.But that is all about to change thanks to Apple’s new iOS 9 operating system for iPhones and iPads, which enables so-called “content blockers” to be installed which block ads and website tracking software.BOSTON • Apple Inc. said on Sunday it is cleaning up its iOS App Store to remove malicious iPhone and iPad programs identified in the first large-scale attack on the popular mobile software outlet.Last Wednesday Apple rolled out the latest version of its iOS operating system, and it came with a very nasty sting in the tail for newspapers, magazines and online publishers everywhere.

Several paid apps — such as Peace, Crystal, Purify Blocker and Blockr — have shot to the top of Apple’s App Store charts following iOS 9’s release. The company disclosed the effort after several cyber security firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps. AAPL -0.41 % ’s App Store were found to be infected with malicious software in what is being described as a first-of-its-kind security breach, exposing a rare vulnerability in Apple’s mobile platform, according to multiple researchers. The bad version of Xcode, dubbed XcodeGhost, would make otherwise-good apps from otherwise-good developers send device information (and other, more sensitive credentials) back to the hackers. The fact the apps are highly popular is likely to send shivers down the spines of media executives — whose companies rely heavily on web advertising to survive — and brands, who use web ads as a means to get their message to the masses.

The applications were infected after software developers were lured into using an unauthorized and compromised version of Apple’s developer tool kit, according to researchers at Alibaba Mobile Security, a mobile antivirus division of Alibaba Group Holding Ltd. Most of the apps affected seem to be aimed at the Chinese market — the most prominent is WeChat, a WhatsApp competitor with a major following in China. In another blow for web publishers, the content blockers let users remove “tracking” codes on websites which enable publishers to monitor how many people have read a particular article or web page, and track where they are based geographically, among other information. Many commentators who anticipated the software would only block annoying, intrusive ads (unlike their own sleek, pretty ones) were surprised to find it doing what it said it would – provide an ad-free experience on the web.

In separate statements posted to social media over the weekend, Tencent, Didi Kuaidi Joint Co. and NetEase said their applications had been compromised but said no sensitive customer information had been lost. “At present, we haven’t discovered any loss of user information or assets as a result of this [breach], though the WeChat team will continue to monitor and do tests,” Tencent said in a note posted to the Sina Weibo WB 0.33 % microblogging service late Friday. But Apple’s update only threatens to make mainstream what was already a growing existential threat to any publisher hoping advertising online will support their business. Research from Sourcepoint and comScore shows one in 10 people were blocking ads on desktops and laptops before the Apple update, rising to around a quarter in Germany and France. Researchers said infected apps included Tencent Holdings Ltd.’s popular mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase Inc.

Technology news website The Verge is calling Apple’s move to enable content blockers “the slow death of the web”, with editor-in-chief Nilay Patel saying “it is going to be a bloodbath of independent media”. “Who’s going to make all that content we love so much, and what will it look like if it only makes money on proprietary platforms?” he asked, referring to Apple News. “These are the questions worth asking — and they deserve better answers than simply ‘they’ll adapt’. Chinese anticensorship activist group called it “the most widespread and significant spread of malware” in the app store’s history.

The trend reflects a truth even most publishers will admit; online ads (and the accompanying bits of computer code that slow down page loading) are annoying. Asked if it was possible the Chinese government was involved, Palo Alto Networks said it didn’t yet have enough information to determine who was behind the attack. It’s just that now consumers have a way to do something about them. “Most media companies have become desperate and they’ve thrown in more ads and more data collectors to eke out more pennies and we’ve had our fill,” says media commentator Jeff Jarvis.

Death.” In a recent post titled “the ethics of modern web ad-blocking”, Peace’s Marco Arment justified his view that ad blockers were a good idea by saying ads made the user experience terrible and that users never consented to being served ads and being tracked online. “In a few years, after the dust has settled, we’re all going to look back at today’s web’s excesses and abuses as an almost unbelievable embarrassment,” he wrote. Other apps found infected with the malware include those belonging to state-run mobile carrier China Unicom, CHU -2.56 % and 12306, the country’s official train-booking website, researchers said. On the record, publishers acknowledge ad blocking as a threat, but say they are equipped to handle it. “I am concerned,” says Jed Hartman, chief revenue officer at the Washington Post. “However, we’ve been accustomed to innovation and technology disrupting the publishing business from every angle for a long time.” In private, there is an awareness ad blocking could be more serious. “Is it more existential? Apple’s move is a double-barrelled effort to boost the health of the so-called app economy while undermining arch rival Google, which dominates the online advertising market.

Yes probably,” says one senior UK newspaper executive. “As a publisher you are relatively powerless, your key revenue generator is being undermined.” Apple has been careful to say the update is designed purely to improve the experience of using its devices and is not specifically aimed at ads. However, there is much suspicion of the company’s motives. “The thing that worries me about Apple is they are not an ad business,” says the newspaper exec. “They don’t have skin in the game, and they want to do anything to hurt Google.” Jarvis puts it more bluntly: “Apple has basically failed at the ad business and they are trying to ruin it for everybody else.” But if people don’t want to see ads, and the world’s most valuable company is prepared to help them avoid them, is there anything that can be done?

German publishers have attempted to sue Eyeo, the makers of the most popular ad-blocking software, Ad Block Plus, which charges publishers for putting them on a “whitelist” of sites whose ads it allows to pass through its systems (an approach Jarvis labels “racketeering”). Media companies are groping for answers, sparking an arms race between ad-blocking companies and anti-ad blocking companies such as PageFair and Sourcepoint that try to disarm the systems for website owners. Eyeo has successfully fought off a string of challenges from German publishers and while it faces another ruling on 29 September, Jarvis points out that even if “Springer shuts down the ad blockers tomorrow, consumer pressure to block ads is still there.

If we don’t have our own answer we’ll be no further along.” A more common response has been to talk about “simplification” (making better ads) and “conversation” (persuading readers to accept ads). “You need to do what you can to attack the root,” says Hartman. “Remove load time, items that cause crashes, creepy ads based on data. To write apps for Apple devices, developers have to use a tool kit called Xcode, but downloading the official version from Apple’s website can take a long time in China. Don’t hold the user hostage with long pre-rolls and pop-ups.” The Post has trialled messages to people using ad-blocking software asking them to either turn them off or provide details such as email addresses. Security researcher Claud Xiao wrote on the firm’s website Friday that criminals and spies could use the malware to gain access to iOS devices. “We believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem,” he wrote. However, many are reluctant to cede control, especially when Facebook is a huge competitor for advertising money and Apple is doing its best to make its devices free of all but its own ads.

Many publishers will simply redouble their efforts to find ways of making money that aren’t reliant on advertising – such as paywalls, events and membership. There could, though, be one unintended consequence of the ad blocking that would be welcomed by many veterans in the sales departments of newspapers and magazines. Publishers could revert to integrating each ad into the foundation of each webpage, much like a printed ad is inked on to the same paper as the article next to it. Advertisers would have to accept they wouldn’t know much about who was seeing their advertising online, but at least they’d know someone was seeing it. “If advertising agencies and clients decided they didn’t want any tracking on [their ads] there is potential upside,” says the press executive. “I would be more worried if I was an ad tech business.

Here you can write a commentary on the recording "Modified versions of Xcode used to sneak malware into App Store, Apple confirms".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site