As long as there has been an App Store, Apple has practiced strong discretion over which apps it approves and which it doesn’t allow on the iPhone and iPad. This has sometimes meant controversy for Apple, as its judgement is called into question when apps that were once approved are sometimes pulled for questionable reasons. Metadata+, an app that sends iPhone users alerts when a US drone strike leads to death, is the latest casualty, The Guardian reports… expand full story
App Store ▪ September 30
App Store ▪ September 24
App Store ▪ September 22
App analytics company SourceDNA – whose clients include Google, Amazon and Dropbox – claims that the compromised versions of many apps remain live in the Chinese App Store. This includes CamCard, which is a very popular app ranked #94.
The apps were infected with malware by a fake version of Xcode dubbed XcodeGhost which legitimate developers were fooled into downloading, believing it to be a copy of the genuine Apple app. A partial list of infected apps has been posted by security company Palo Alto Networks … expand full story
App Store ▪ September 21
Update 1: The list of apps has now been updated with apps identified by Dutch security company Fox-IT. The company is reporting seeing malware traffic from the apps in Europe.
Update 2: Rovio has advised that only the version of Angry Birds 2 in the Chinese App Store was affected.
I wish to clarify that Rovio can confirm that only the Chinese build of Angry Birds 2 — available only on the App Store in Mainland China, Taiwan, Hong Kong and Macau — is vulnerable to the security issue. All other builds of Angry Birds 2 available in other countries are completely safe and secure. An update of Angry Birds 2 for customers in Mainland China, Taiwan, Hong Kong and Macau that fixes the issue is coming very shortly.
After yesterday’s revelation that hundreds of iOS apps on the App Store had been infected by malware, security company Palo Alto Networks has posted a list of some of the affected apps – which include Angry Birds 2.
The apps were infected by a fake copy of Xcode dubbed XcodeGhost, unwittingly downloaded by Chinese developers in place of the real thing. It’s believed they downloaded the fake from local servers because it took too long to download the original from Apple’s own servers. It’s not yet known why Apple’s own checks did not detect the malware when apps were submitted to the App Store.
It’s been suggested that over 300 apps are infected, with 31 of them so far identified (list below) … expand full story
App Store ▪ September 20
Apple has admitted that it is App Store integrity was compromised as apps were secretly infected by fake Xcode tools before submission to the App Store. The company has now officially acknowledged the problem and is now removing apps affected by this ‘hack’ from the App Store.
Developers were inadvertently submitting malware by using counterfeit versions of Xcode, Apple’s development software, to submit apps. The fake Xcode, dubbed XcodeGhost, would inject malicious code into otherwise-legitimate apps during the submission process.
App Store ▪ September 18
Apple’s support for building Safari ad blockers in iOS 9 was sure to be controversial as they negatively and directly impact writers/publications like us here at 9to5Mac and others that rely on advertising for revenue. And while a few ad blockers climbed the App Store’s top paid chart this week, the highest ranked Safari content blocker has been pulled after being sold for just 48 hours. Developer Marco Arment announced today that he decided to pull his ad blocker app Peace from sale, citing that it “just doesn’t feel good” to [profit from] the negative impact to “many who don’t deserve the hit.” expand full story