XcodeGhost: Apple's First Malware Attack

Apple iOS has always been known to be stringent when it comes to its security compared with Android who has been battling malware attacks for years; however, the company falls short this time as malicious software made way through the rigorous review process.

On Sunday, September 20, Apple admitted that they are undergoing a major clean up in their App Store following the malware attack of its app-maker Xcode tool. The tool, which was introduced with corruptive codes was modified and distributed widely online especially to developers. The messaging app WeChat and ride-hailing app Didi Kuaidi were among the over 39 apps tainted.

The intrusion known as XcodeGhost attack was meant to steal personal information like passwords and iCloud logins. Apple in a statement said that the counterfeited developer code was posted by untrusted sources.

"We've removed the apps from the App Store that we know have been created with this counterfeit software... [and] are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," Christine Monaghan, spokeswoman from Apple, told Fox Business in an email.

Ryan Olson, Palo Alto Networks Director of Threat Intelligence, affirmed that no data stealing or harm was done following the attack, but fears that other phishers might copy the same scheme making it more difficult to safeguard especially its targeting developers.

For instance, in this case, principal solutions architect at application security firm Veracode John Smith said that "developers of the apps had no knowledge that their own code was being used to carry malware - it was the modified development environment (Xcode) that introduced the payload."

Meanwhile, developers of affected apps also made its own legwork and security check and confirmed that no important information were released or corrupted. On its blog post, WeChat app cited that investigation has revealed that there has been no theft and leakage of user's information or money, but the WeChat team will continue to closely monitor the situation.

The news came when Mark Dowd noticed "AirDrop holes" where legit apps are secretly changed to malicious ones.

XcodeGhost: Apple's First Malware Attack

Most Popular

Roman Lead Coffin Found To Hold Previously Unknown Human Child Remains in Fascinating Discovery

Largest Marine Reptile Ever Found? Fossils of Colossal Prehistoric Underwater Species Discovered by Paleontologists

600-Year-Old Voynich Manuscript Cracked; Encrypted Text Includes Censored Information on Sex, Contraception, Gynecology

World’s First ‘Conversation’ Between Humans and Humpback Whales Could Help Us Talk to Aliens in the Future

New York City To Use Birth Control as Humane Option in Reducing Rat Population

Latest Stories

Sinking Towns: Several Major Cities in China Are Subsiding Due to Increasing Weight, Water Extraction

Weather Wars? Meteorologist Issues Warning as Cloud Seeding Could Get Out of Hand

Snake Fossils of Previously Unknown Ancient Species Show That It Could Have Been One of the Largest Snakes Ever

The Year Without Summer: How Did a Volcanic Eruption Cause Major Weather Disaster in 1816?

World’s First ‘Conversation’ Between Humans and Humpback Whales Could Help Us Talk to Aliens in the Future

Recommended Stories

NASA Confirms Mysterious Object That Crashed Into Florida Home Was a Space Junk

Mercury-Bound BepiColombo Spacecraft Observes Cold Oxygen and Carbon Ions Escaping the Induced Magnetosphere of Venus

Potentially-Hazardous Asteroid Makes Closest Approach to Earth, Can Be Visible for the First Time Through Amateur Telescopes

Pluto's Heart: Massive Ancient Collision May Explain How Dwarf Planet's Unique Heart-Shaped Feature Formed, Scientists Discover

XcodeGhost: Apple's First Malware Attack

Most Popular

Latest Stories

Subscribe to The Science Times!

Recommended Stories