App analytics company SourceDNA – whose clients include Google, Amazon and Dropbox – claims that the compromised versions of many apps remain live in the Chinese App Store. This includes CamCard, which is a very popular app ranked #94.
The apps were infected with malware by a fake version of Xcode, dubbed XcodeGhost, which legitimate developers were fooled into downloading, believing it to be a copy of the genuine Apple app. A partial list of infected apps has been posted by security company Palo Alto Networks …
It was revealed in documents leaked by Snowden earlier this year that using a forged version of Xcode to inject malware into apps is a route the CIA considered using. It was unclear at that time how the agency could get developers to use the compromised app.
While Apple said on Sunday that it was aware of the issue and was removing infected apps, SourceDNA claims that its scans reveal that compromised versions of more than a thousand apps remain live in the Chinese version of Apple’s App Store, and told us that some of them have been infected since April.
Meantime, Wired revealed that security industry firm Zerodium – whose founder Chaouki Bekrar sells spyware to government agencies and corporations around the world – is offering a $1M bounty to anyone who can provide an exploit for breaking into an iPhone or iPad running iOS 9. The requirements for this bounty are quite high, relying on finding a very rare device exploit that can be activated through a website or text message, and if one is found it’s unlikely that it will be announced publicly.
The terms of the offer include the demand that the bug not be reported to Apple or publicly disclosed, the better to allow Zerodium’s customers to use the technique in secret. Apple didn’t immediately respond to a request for comment.
How can you refer to Zerodium as a security company when it buys OS exploits to sell to “customers” and doesn’t make them public or to the manufacturer? It’s a privatized KGB, right?
I’m thinking that the quote you have at the end of the article, presumably from Zerodium, did not include that final line about Apple not offering comments. That was probably intended to be a separate paragraph after the quotation.
The quote is from the linked Wired piece.
Interesting how much of the tech media is leaving out the China connection. Most articles state that the “App Store” has been compromised with infected apps. No mention that this is mostly a China thing and that U.S. and European stores don’t have these apps.
Linkbait articles aren’t concerned with such relevant details.
I think Zerodium is investing 1M in order to blackmail Apple