Update: WeChat reached out to inform us that WeChat version 6.2.6 and later is not affected by the XcodeGhost vulnerability. It is also good practice to change your iCloud and other account passwords, in case you have accidentally fell victim to one of these phishing attempts. Most of the apps impacted are targeted at the Chinese market but some, like WeChat, have international appeal. iPhone and iPad users should update their apps immediately to ensure they are on the latest version. Apps built with XcodeGhost will secretly send device information back to the hackers as well as initiate phishing attacks for more sensitive user credentials. One Chinese security firm said it found 344 apps infected by XcodeGhost but Apple declined to confirm the number. The hackers were somehow convinced developers to use its version of the Xcode tools rather than Apple’s official software (which is available to download for free on the Mac App Store). One theory is that Apple’s servers are slow to download from in China, so developers used this alternative ‘mirror’ (unaware of its true credibility) download for convenience and speed.Īffected apps included versions of WeChat, a very popular messaging app in China. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.” “We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. The company has now officially acknowledged the problem and is now removing apps affected by this ‘hack’ from the App Store.ĭevelopers were inadvertently submitting malware by using counterfeit versions of Xcode, Apple’s development software, to submit apps. The fake Xcode, dubbed XcodeGhost, would inject malicious code into otherwise-legitimate apps during the submission process.Īpple provided the following statement to Reuters: Apple has admitted that it is App Store integrity was compromised as apps were secretly infected by fake Xcode tools before submission to the App Store.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |