Apple confirmed the security breach in its Chinese app store which has forty popular application infected with malware. Many app developers tricked into developing with a compromised version of Apple Xcode developer with the tool kit. Alibaba mobile security discoverable the first breach. There is the number of favorite infected apps which include we chatted, business card and did Quaid scanning app with several others.
According to the security firm of US, Plato Alto Network, it refers to the malware Xcode Ghost, 39 iOS application were affected. The malware potentially impacts on hundreds of million users, the company said.
The breach was surprising about the Apple historical stringent app policies. The malware author capability the developer demand for Apple’ s official Xcode software. The compromised version of Xcode software upload to Baidu’s do, and storage sits by promising faster download using the official version hosted on Apple’s website.
When app developer used this version X code help to code their app which would be infected with malware.
Plato Alto Network explains Blog Spot having the malicious code uploaded device information with app information and follow the attacker command and control server which allowed the user device to be able to receive instruction from the malware creator.
Some of the instruction include prompts which would be fake that phished user credential. This is the way to hijack opening a social website which allowed for further exploitation in the iOS system. It can write data to the user clipboard which is used to read users password. The password can be copied from the password management tool.
One developer said that XGhost malware had launched phishing attack which aimed at acquiring User Palo Alto Network and I cloud password.
It’s unclear behind the attack, and the security firm says that it indicates the technique used for criminal and espionage group which is used to gain access I OS device.
Apple confirmed the security issue, and it removed the affected apps from the I tune store.
