In what is a timely reminder that even the largest, and seemingly controlled, companies can face a cyberattack, Apple revealed that its Chinese App Store had been attacked by malware.
In what is thought to be the first attack on Apple’s App Store, the infection consisted of malicious code placed into iPad and iPhone apps that are popular in China. The hackers created a counterfeit version of Apple’s software for building iOS apps, which they then convinced developers to download. Once the apps were made and downloaded, the attackers were able to steal data about users and send it to servers they control.
The malware, known as XcodeGhost, could also allow the attackers to send fake notifications to users which could result in unsuspecting victims revealing valuable information. Cybersecurity firm Palo Alto Networks also states that is possible for the attackers to see log in information and other actions carried out on the device.
“In China – and in other places around the world – sometimes network speeds are very slow when downloading large files from Apple’s servers,” explained Palo Alto Networks. “As the standard Xcode installer is nearly three gigabytes, some Chinese developers choose to download the package from other sources.
Some of the apps that were affected by the attack include some that are available for purchase in App Stores outside of China, such as thee business card scanner CamCard.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” said Apple spokeswoman Christine Monaghan. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps”.
How to avoid XcodeGhost
- Having the operating system updated.
- Only download applications from the official store. Of course, in this case the infected apps were in the Apple store, but they have been swiftly eliminated.
- Use common sense – it’s one of the best ways to protect yourself
- Also, connect your iPhone or iPod to your Mac and scan it for malware with our antivirus for Mac