In a first-of-its-kind attack, dozens of applications in Apple’s official App Store have been infected by a malware which has embedded its code into some of the most popular mobile programs in China, exposing iOS users’ privacy.
The infected applications are capable of receiving commands from the attacker to prompt fake alert dialogs, reading and writing the contents of clipboard, and transmitting information about a user’s device.
Among the 39 applications found to have been affected was a popular instant messaging app, WeChat. Banking and stock trading apps, as well as games, were also hit.
According to US-based cybersecurity company Palo Alto Networks Inc., the attackers infiltrated the App Store via the developers of the mobile applications, who were tricked into using a compromised version of Apple’s developer tool kit Xcode.
READ MORE: New virus created that can completely wreck Apple computers
The malicious code was added into applications without developers’ knowledge , cyber security experts said.
“XcodeGhost’s primary behaviour in infected iOS apps is to collect information on the devices and upload that data to command and control (C&C) servers. The malware has exposed a very interesting attack vector, targeting the compilers used to create legitimate Apps. This technique could be adopted to attack enterprise iOS apps or OS X apps in much more dangerous ways,” Palo Alto wrote.
It is unknown how the infected application made it past Apple’s strict reviewing process, or how many user might be affected. However, given the popularity of some of the apps, the infection could number somewhere in the millions.
READ MORE: ‘Largest known hack’: Malware steals over 225k valid Apple accounts
Apple said that it had taken steps to address the problem and “removed the apps from the App Store that we know have been created with this counterfeit software.”
“We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps,” the company’s statement added.
This entry passed through the Full-Text RSS service - if this is your content and you're reading it on someone else's site, please read the FAQ at http://ift.tt/jcXqJW.
No comments :
Post a Comment