XcodeGhost

Latest

  • Apple removes malware-infected apps from Chinese App Store

    by James Trew
    09.21.2015

    Last week we reported how a number of malware-ridden apps were found on the Chinese version of Apple's App Store. The iPhone-maker has since confirmed the offending apps have been removed. The malicious apps were reportedly created using a bogus version of Xcode (the developer tool for iOS apps) that snuck hidden, malicious features into genuine apps with a program called "XcodeGhost". Curiously, the CIA also considered this tactic at one point. Exactly how many apps were affected is unclear, but popular titles in the country like WeChat and car-hailing app Didi Kuaidi are reported to be on the list. Security firm Qihoo360 Technology is reporting at least 344 were removed from the store.

  • Malware-ridden apps found in Apple's Chinese App Store

    by Roberto Baldwin
    09.18.2015

    The iOS App Store is usually a trustworthy source of software. But as hackers tend to do, they found a way to get their nefarious wares into the China version of the software supermarket. By using altered versions of Apple's development tool Xcode, they were able to slip malware into apps being built by unaware devs. The problem started when developers downloaded altered versions of Xcode (named "XcodeGhost" by Alibaba researchers) from third-party sites. When apps built with the modified compiler are launched, they collect the phone's name, UUID, language and country, current time and network type. That data is then encrypted and sent to servers. Not a huge breach, but no one wants to be tracked by unknown sources.