Millions of iOS users were affected by the XcodeGhost malware, as quite a large number of apps were infected. The hackers took an unusual approach and decided to hack the software used to build the apps rather than the apps themselves. This let plenty of infected apps make their way to the App Store with malicious code, undetected. Apple made an official release of the top 25 App Store apps that were affected by this threat.
The concept of tool infection is not new. It is a known fact that hackers infect counterfeit software and release it through various unreliable sources. In the case of XcodeGhost, however, they took Apple's original product, made some base-level changes by adding the infected code, and redistributed it to iOS developers as the real deal.
In China, downloading Xcode, Apple's official tool for building apps, from the official server takes a long time because of slow internet connections and other issues. The hackers used this to their advantage and uploaded the infected software to the Baidu cloud sharing service. This let developers download the tool faster through the mirror link and improve their development time.
A Google search for the term “Xcode 下载” shows the multiple links where the infected files were uploaded. About six months ago, someone had posted links and information on all the leading forums and sites. The infected files, from version 6.0 to 7.0, were retrieved from the Baidu cloud sharing service. Once Baidu was informed about these files, they were removed completely.
Palo Alto Networks has analyzed what this malicious code can do once an iOS user downloads an infected app.
A user can be exploited completely if the hackers hijack their device. These dangerous factors make XcodeGhost one of the scariest attacks on Apple.
Apple has removed all the infected apps from the App Store. Once the developers have cleaned a particular app, it is re-uploaded after it passes the updated review process. Apple also blamed the developers for not following an ethical development process and for downloading Xcode from unreliable sources. It urged developers to download Xcode only from Apple's own development suite and to keep Gatekeeper enabled at all times. It also announced that no customer data was released during the peak attack period.
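Apple's advice above can be checked on a developer Mac with the `spctl` tool. The following is an added example, not code from the original article or from Apple: it classifies the output of `spctl --assess --verbose` and warns when Gatekeeper is off. The function names are hypothetical, the sample outputs are constructed, and it assumes a genuine Xcode reports one of the sources `Mac App Store`, `Apple` or `Apple System`.

```shell
#!/usr/bin/env bash
# Added example: decide whether an Xcode bundle came from Apple, based on
# Gatekeeper's assessment. Sample outputs in demo() are constructed.

# Classify the text printed by `spctl --assess --verbose <app>`.
# Prints "trusted" (returns 0) only when Gatekeeper accepted the bundle AND
# the signing source is one of the assumed Apple sources.
classify_assessment() {
    local output="$1" src
    if ! printf '%s\n' "$output" | grep -q ': accepted'; then
        echo "untrusted"; return 1          # rejected, unsigned, or tampered
    fi
    src=$(printf '%s\n' "$output" | sed -n 's/^.*source=//p' | head -n 1)
    case "$src" in
        "Mac App Store"|"Apple"|"Apple System") echo "trusted"; return 0 ;;
        *) echo "untrusted"; return 1 ;;    # accepted, but not signed by Apple
    esac
}

# True when Gatekeeper is on (`spctl --status` reports "assessments enabled").
gatekeeper_enabled() {
    spctl --status 2>&1 | grep -q 'assessments enabled'
}

# Run the real check on a Mac; returns 2 where spctl does not exist.
check_xcode() {
    local app="${1:-/Applications/Xcode.app}"
    command -v spctl >/dev/null 2>&1 || { echo "spctl not found" >&2; return 2; }
    gatekeeper_enabled || echo "warning: Gatekeeper is disabled" >&2
    classify_assessment "$(spctl --assess --verbose "$app" 2>&1)"
}

# Demo on constructed outputs so the logic can be followed without a Mac.
demo() {
    local s
    for s in \
        "/Applications/Xcode.app: accepted
source=Mac App Store" \
        "/Applications/Xcode.app: accepted
source=Developer ID" \
        "/Applications/Xcode.app: rejected"; do
        printf '%s -> ' "$(printf '%s' "$s" | tr '\n' ' ')"
        classify_assessment "$s" || true
    done
}
demo
```

On a Mac, call `check_xcode` with the path of the Xcode bundle to verify; a bundle that is accepted but signed by a non-Apple identity is still reported as untrusted.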
The issue arose mainly in China, as the counterfeit Xcode app was circulated on forums there. There are plenty of iOS apps designed for enterprises that are not distributed through the App Store, and such enterprise apps are at huge risk if they are infected. It's essential that you get your apps developed by reputable mobile app developers who are aware of their code of conduct and follow Apple's guidelines at all times.