Rare malware outbreak hits some Apple apps

22 Sep 2015 | Author: | No comments yet »

Apple Confirms Malware-Infected Apps Found And Removed From Its Chinese App Store.

Apple has removed some applications from its App Store after developers in China were tricked into using software tools that added malicious code in an unusual security breach. Over the weekend, Apple revealed that malware found its way into the App Store on a mass scale after several of China’s most popular apps were infected with code that could snoop on iOS devices and steal passwords.Apple has confirmed a security breach in its Chinese App Store which saw nearly forty popular applications infected with malware – a result of app developers being tricked into downloading a compromised version of Apple’s Xcode developer tool kit.App developers who downloaded key Apple software from somewhere other than the company’s App Store inadvertently stuck viruses into several big-name apps, mostly in China. The breach, first discovered by researchers at Alibaba Mobile Security, affected a number of popular apps in the region, including WeChat, Didi Kuaidi (an Uber-like service), business card scanning app CamCard, and several others.

The iPhone, iPod and iPad apps laden with malicious code allow hackers to send people to counterfeit websites, where usernames and passwords could be harvested, or access data that are being copied and pasted. App Store for about 36 hours. “Ad blockers come with an important asterisk: while they do benefit a ton of people in major ways, they also hurt some, including many who don’t deserve the hit.” Arment said he felt Peace was “too black and white” in the way it shielded the user from advertising, offering a full refund to anyone who paid for it. “I know pulling Peace from the store after just two days is going to be an immensely unpopular move, and subject me to a torrent of unpleasantness,”he added. Messaging app WeChat, Chinese ride-hailing app Didi Kuaidi and contacts app CamCard were among those affected, cybersecurity company Palo Alto Networks reported last week. Tech guru Arment has enjoyed a sparkling career, working as chief developer at Tumblr as well as creating the smash hit new app Instapaper, which he sold in April 2013.

However, the shares appear to be responding to the positive news of the day, which is Canaccord Genuity‘s Mike Walkley reiterating a Buy rating and raising his price target to $160 from $155 after concluding that “Apple will maintain very strong share of the premium tier smartphone market” with its recently released iPhone 6s and 6s Plus, which go on sale at retail this Friday. Walkley sees half a billion people using the iPhone at the end of this calendar year, helped by switchers from Google’s (GOOGL) Android who had abandoned Apple’s platform during prior iPhone cycles: We believe the new Apple installment plan programs combined with similar to more aggressively priced installment programs from leading carriers will improve the rate of iPhone upgrade sales to the growing installed base of iPhone users. Meanwhile, Chinese Internet giant Tencent issued a report of its own that said the infected Xcode kit was being circulated on several web forums for the better part of six months. In fact, with only 27% of the iPhone installed base having upgraded to the iPhone 6/6 Plus devices by the end Q3/F15, we anticipate continued strong replacement sales through C2015 and beyond.

The Wall Street Journal reports that someone who goes by XcodeGhost-Author claimed to be the author of the compromised Xcode kit and posted an apology on microblogging site Weibo. But to even install this affected version of the Xcode software, developers had to ignore a warning which indicated the software was damaged and should be moved to the trash: In other words, Apple’s Gatekeeper technology, which prevents non-App Store and unsigned versions of programs, like Xcode, from being installed, was doing its job. Apple didn’t immediately say whether it also stores apps in China, but generally downloads are slow because of China’s distance from the company’s servers and the country’s extra firewalls. Hackers are increasingly looking for new ways to target mobile apps and devices, including iPhones, because they are so widely used by many consumers, added Darren Hayes, a cyber-security expert at Pace University in New York.

Some of those instructions included a prompt that would be a fake alert that phished for user credentials; a way to hijack opening special website URLs, which would allow for further exploitation in the iOS system; and the ability to write and write data to the user’s clipboard which could be used to read the user’s password, in the case the password was copied from a password management tool. The creators of this malware took advantage of public frustration with Beijing’s Internet filters, which hamper access to Apple and other foreign websites. It’s unclear who’s behind the attack at present, the security firm says, but it did indicate that the techniques used could be those that “criminal and espionage groups” would use to gain access to iOS devices.

Version 6.2.6 of the app is not affected. “Most of the time, everything turns out fine,” Tod Beardsley, security research manager at Rapid7, said in a prepared statement. “It’s not that developers are dumb and don’t know the risks; they simply consider the risk extremely unlikely, and if it’s slightly more convenient to ignore one or two security best practices, they will proceed accordingly.” Apple has proclaimed that its own App Store is a safe alternative for users who don’t want to be snooped on—but it appears the company may not be able to guarantee that anymore. The company also says it’s working with developers to make sure their apps are not at risk and that they’re using the proper version of Xcode. “Apple takes security very seriously and iOS is designed to be reliable and secure from the moment you turn on your device.

A fake version of one of these tools was posted by untrusted sources which may compromise user security from apps that are created with this counterfeit tool. Parent company Tencent has since posted to its official blog confirming the discovery of the security flaw, noting that only those who were running WeChat v6.2.5 for iOS would have downloaded the infected version of its app. In addition, Tencent said that its initial investigations showed that there had been “no theft and leakage of users’ information or money,” but the company would continue to monitor the situation closely.

For starters, it’s unclear at this time how many users may have actually downloaded the malware-laden apps while they were available on the store, and how these users will be notified to upgrade to the most recent version. In addition, years ago, Apple founder and CEO Steve Jobs confirmed that Apple did, in fact, have a “kill switch” of sorts to remove apps from users’ devices.

Here you can write a commentary on the recording "Rare malware outbreak hits some Apple apps".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site