Several Malware-embedded Apps Found In Chinese Apple App Store

Posted: Sep 19 2015, 12:50pm CDT | by , in News | Apple


Several malware-embedded apps found in Chinese Apple App Store
ios hacker

Apple App Store is not a heaven for safe apps anymore

The Chinese iOS application store was the home to two applications with light implanted malware.

Apps compiled from a modified version of Apple's Xcode development environment found on Chinese piracy sites have been found to include "XcodeGhost."

It is a malware package that collects time, device name, and network type. In itself, the data collection is not a big issue at all, but rather of more concern.

It means that the Apple's screening procedure for the apps plainly neglected to recognize the threat, even if it was mild.

Security researchers found at least 20 applications afflicted with the XcodeGhost malware package on different archives.

As reported, the malware is situated in a Mach-O object file that was repackaged into some versions of Xcode installers.

These malicious installers were then uploaded to Baidu's cloud file sharing service for used by Chinese iOS/OS X developers.

The infected apps collect information like phone's name, language, UUID, and country, current time and network type when installed.

One of them is the famous NetEase Cloud Music which has nearly 500 ratings, with an average of 4.5 stars.

Palo Alto recommends that "Apple developers should always use Xcode directly downloaded from Apple, and regularly check their installed Xcode's code signing integrity to prevent Xcode from being modified by other OS X malware."

You May Like


The Author

<a href="/latest_stories/all/all/32" rel="author">Ahmed Humayun</a>
Ahmed Humayun is a technology journalist bringing you the hottest tech stories of the day.




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

Read the Latest from I4U News