Advertisement


Advertisement

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
General News Apple’s App Store hit by XcodeGhost, here is everything you need to know about it
#1
Advertisement

A week after Apple started seeding iOS 9; its App Store has been hit by a malware for the first time ever. The malware called XcodeGhost is said to have affected more than 39 iOS apps mostly targeted at the Chinese market. The folks at Palo Alto Networks have shed some light on how the malware functions and just how dangerous it is.

What is XcodeGhost?
The malware dupes developers into using an infected version of Xcode, Apple’s official software development tool for developing OS X and iOS apps. The infected Xcode was uploaded on Baidu, and was unknowingly downloaded by some Chinese iOS developers. The iOS apps compiled by the modified Xcode got infected thereby giving hackers access to sensitive data.

How dangerous is it?
The malware is said to have affected both stock and jailbroken iOS devices, including the iPhone, the iPad and the iPod Touch. The infected apps can log information about your device, and then upload this data on attackers’ command and control server. The hackers get access to the infected app’s name, current time, name and type of device, system language and country, network type, UUID of the device and the app bundle identifier.

According to Palo Alto Networks, the attackers can send commands to the infected apps to perform actions such as – create a fake alert dialogue to acquire sensitive user information such as usernames, passwords and credit card details. Attackers can also remotely open specific URLs that could allow them to exploit vulnerabilities into the system or other apps.

How many users are affected?
While Apple hasn’t revealed an official number, around 40 iOS apps are said to have been affected. With popular apps like WeChat and CamScanner in the list, this vulnerability potentially affects over 500 million iOS users in Asia-Pacific region. WeChat though has since issued a fix for the infected version.

How to protect your iOS devices?
While there is no way to detect whether or not your iPhone / iPad is infected, you can uninstall the affected apps from your device. It will also be wise to reset your iCloud password and all other passwords that you’ve put on your iOS devices.

Regarding this vulnerability, an Apple spokesperson issued a formal statement to the Reuters, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

The infected apps are listed in the table below:

[Image: Apple_s_App_Store_hit_by_Xcode_Ghost_here_is_eve.jpg]

http://www.bgr.in/news/apples-app-store-...e-malware/

___________________________________________
Airtel Digital HD Recorder / Kerala Vision Digital TV
Reply
Thanks given by:
Advertisement
Advertisement




Possibly Related Threads...
Thread Author Replies Views Last Post
  General News: Apple Maps is getting overhauled in a big way nairrk 0 232 07-01-2018, 12:34 PM
Last Post: nairrk
  General News: Apple iOS 12 Public Beta: How to try the latest operating system for your iPhone.. nairrk 0 228 06-26-2018, 10:47 AM
Last Post: nairrk
  General News: Apple introduces Memoji which is really Yahoo Avatars reborn in 2018 nairrk 0 241 06-05-2018, 01:51 PM
Last Post: nairrk
  IDF Exclusive: Latest Google Play Store..... Mr.Bhat 30 4,661 04-05-2018, 05:26 PM
Last Post: Mr.Bhat
  General News: Google Assistant Go is now available on Play Store nairrk 0 312 02-02-2018, 01:48 PM
Last Post: nairrk
  General News: This is how to remove Apple Music from your iPhone’s Music App nairrk 0 419 01-08-2018, 12:08 PM
Last Post: nairrk
  General News: YouTube to come up with a new paid music service to rival Spotify and Apple Music nairrk 0 370 12-08-2017, 06:30 PM
Last Post: nairrk
  General News: Chromebooks now have access to Microsoft Office apps on Play Store nairrk 0 321 11-28-2017, 11:48 AM
Last Post: nairrk
  Update: UC Browser gets delisted on Google Play Store for ‘misleading’ promotions(now listed) nairrk 2 719 11-22-2017, 06:15 PM
Last Post: nairrk
  General News: Fake version of WhatsApp found on Google Play Store nairrk 0 345 11-03-2017, 12:03 PM
Last Post: nairrk

Forum Jump:


Users browsing this thread: 1 Guest(s)
Advertisement