Boston -.. Apple App Store is cleaning to remove malware for iPhones and iPads, the first large-scale attack that popular application store
The company revealed their efforts after several cyber security firms reported finding a program called XcodeGhost who infiltrated hundreds of legitimate applications.
This is the first reported case of counterfeit software programs to breaking through in the strict application review process Apple, Reuters reported.
Before this attack, had met only five malicious applications on the App Store, according to computer security firm Palo Alto Networks Inc.
Hackers infiltrated malware to convince developers of legitimate software to use a counterfeit version of Apple’s software for creating applications for iOS and Mac, which is known as Xcode, the firm said.
“We have removed the applications from the App Store that we have created with this counterfeit software,” said Apple spokeswoman Christine Monaghan, in an email.
“We are working with developers for will ensure that you are using the correct version of Xcode to rebuild their applications, “he said.
He said they should do users of iPhones and iPads to determine if your device is infected.
Director of Palo Alto Networks Threat, Ryan Olson, said the malware had limited functionality and their company had no examples of data theft or other damage as a result of the attack.
Yet He said it was “a big issue” because it showed that the App Store could be compromised if hackers infect machines software developers who create legitimate applications. Other attackers can copy that method, which is difficult to defend, he said.
“Developers will are now a huge target,” he said.
The researchers said the infected applications included WeChat popular Tencent Holdings Ltd, Didi kuaidi and a music application Internet portal NetEase Inc.
The Xcode corrupted version has been downloaded from a server in China that developers can be used because it allows downloads faster than the use of servers in the United States Apple, Olson said.
The Chinese security company Qihoo360 Technology Co. said in his blog that he had discovered 344 applications with XcodeGhost affected.
No comments:
Post a Comment