Apple has named the top 25 apps infected by the XcodeGhost malware, stating that “the number of impacted users drops significantly” for other compromised apps. Most security researchers now agree that the total number of infected apps is in or around four figures, with many of them still present in China’s App Store … expand full story
iOS malware ▪ September 24
iOS malware ▪ September 23
Apple is to make Xcode available for local download from servers based in China as part of its response to the XcodeGhost malware issue. The announcement was made on the Chinese social media site Sina by Phil Schiller, Apple’s senior VP of worldwide marketing (via CNET). It’s believed that many Chinese developers inadvertently downloaded the fake version because the official download was taking too long.
“In the US it only needs 25 minutes to download,” Schiller told Sina, admitting that in China getting Xcode “may take three times as long.” He told the Chinese publication that, to quell this problem, Apple would be providing an official source for developers in the People’s Republic to download Xcode domestically.
Analysis of infected apps by security researchers appears to be revealing a mix of good and bad news … expand full story
iOS malware ▪ September 22
App analytics company SourceDNA – whose clients include Google, Amazon and Dropbox – claims that the compromised versions of many apps remain live in the Chinese App Store. This includes CamCard, which is a very popular app ranked #94.
The apps were infected with malware by a fake version of Xcode dubbed XcodeGhost which legitimate developers were fooled into downloading, believing it to be a copy of the genuine Apple app. A partial list of infected apps has been posted by security company Palo Alto Networks … expand full story
iOS malware ▪ November 7, 2014
Apple has now blocked the launching of Mac apps infected with WireLurker malware, after earlier revoking security certificates to prevent them being installed on new devices. WireLurker was capable of infecting non-jailbroken iOS devices when connected to a Mac running one of the compromised apps. Over 400 Mac apps in a third-party Chinese app store were affected.
In a written statement, an Apple spokesperson said:
We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources.
However, a security researcher says that it would be easy for other attackers to exploit the exact same weakness … expand full story
iOS malware ▪ April 22, 2014
iOS malware ▪ August 20, 2013