XcodeGhost: Apple's First Malware Attack

Apple iOS has always been known for stringent security compared with Android, which has been battling malware attacks for years; this time, however, the company fell short as malicious software made its way through the rigorous review process.

On Sunday, September 20, Apple admitted that it is undertaking a major cleanup of its App Store following a malware attack on Xcode, its app-making tool. The tool was modified to include malicious code and distributed widely online, especially to developers. The messaging app WeChat and the ride-hailing app Didi Kuaidi were among the over 39 apps tainted.

The intrusion, known as the XcodeGhost attack, was meant to steal personal information such as passwords and iCloud logins. Apple said in a statement that the counterfeit developer code was posted by untrusted sources.

"We've removed the apps from the App Store that we know have been created with this counterfeit software... [and] are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," Christine Monaghan, spokeswoman from Apple, told Fox Business in an email.

Ryan Olson, Palo Alto Networks Director of Threat Intelligence, affirmed that no data theft or harm resulted from the attack, but fears that other phishers might copy the same scheme, making it more difficult to safeguard against, especially since it targets developers.

For instance, in this case, John Smith, principal solutions architect at application security firm Veracode, said that "developers of the apps had no knowledge that their own code was being used to carry malware - it was the modified development environment (Xcode) that introduced the payload."

Meanwhile, developers of affected apps also did their own legwork and security checks and confirmed that no important information was released or corrupted. In a blog post, WeChat said that its investigation has revealed no theft or leakage of users' information or money, but that the WeChat team will continue to closely monitor the situation.

The news came when Mark Dowd noticed "AirDrop holes" in which legitimate apps are secretly changed to malicious ones.
