Apple confirmed security breach in its Chinese app store which has forty popular application infected with malware. Many app developer tricked into developing with compromised version of Apple Xcode developer with tool kit . Alibaba mobile security discover able the first breach. There are number of infected popular apps which include we chat, business card and didi kwaid scanning app with several others.
According to the security firm of US, plato Alto Network, it refers to the malware Xcode Ghost, 39 iOS application were affected. The malware potentially impact on hundred of million user, the company said.
The breach was surprising about the Apple historical stringent app policies. The malware author capability the developer demand for Apple’ s official xcode software. The compromised version of Xcode software upload to Baidu’s do and storage sit by promising faster download using the official version hosted on Apple’s website.
When app developer used this version X code help to code their app which would be infected with malware.
Plato Alto Network explain Blog Spot having the malicious code uploaded device information with app information and follow the attacker command and control server which allowed the user device to be able to receive instruction from the malware creator.
Some of the instruction include prompts which would be fake that phished user credential. This is the way to hijack opening social website which allowed for further exploitation in the iOS system. It has the ability to write data to the user clipboard which is used to read users password. The password can be copied from password management tool.
One developer said that XGhost malware had lunched phishing attack which aimed at acquiring User Palo Alto Network and I cloud password.
It’s unclear behind the attack, the security firm says that it indicates the technique used for criminal and espionage group which is used to gain access i OS device.
Apple confirmed the security issue and it removed the effected apps from the i tune store.