Select Page

Apple removes malware-infected App Store apps

App StoreSaw this on The Verge this morning:

Apple has removed malware-infected apps from the App Store after acknowledging its first sustained security breach. The malware, known as XcodeGhost, worked its way into several apps by convincing developers to use a modified version of Xcode, the software used to create iOS and Mac software.

Attacks are getting more creative – this time introducing the malware via modified Xcode – Apple’s development tool – and injecting the malware code when developing the apps.

Most of the apps affected were from China developers who were using the tweaked version of Xcode. According to this report from Reuters, attackers are targeting developers by convincing them to download a version of Xcode on a Chinese server as it was faster to grab as compared from Apple’s Developer Portal.

Still, he said it was “a pretty big deal” because it showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps. Other attackers may copy that approach, which is hard to defend against, he said.

“Developers are now a huge target,” he said.

One of the known app is popular chat app – WeChat. In a short blog update, the company briefly state that no personal data nor money were stolen from this hack and the latest version of the app is free from the malware.

A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users’ information or money, but the WeChat team will continue to closely monitor the situation.

Auto UpdatesLesson here is this – be it development tools or apps, get it from the official source. Though the App Store has strict guidelines, this episode shows that when people gets creative, they will always find ways to exploit. So update your apps and stay safe…until the next loop hole is found.

To keep yourself safe, there are a few things you can do:

  • update the latest iOS – there are always bug fixes and closing of vulnerabilities
  • update your apps – you can configure your iOS device to download any updates available just by going to Settings → App and iTunes Stores → toggle Updates under Automatic Downloads

Apple Watch’s Reverse Crown

Craig Hockenberry finds that Apple Watch , especially with the Reverse Crown. Apple never adds settings without a good reason. The inclusion of a preference for the crown position is a pretty clear indication that someone important knew that this was an ergonomically... read more

A first look at Steve Jobs – the Aaron Sorkin movie

Universal Pictures just released a first look at Steve Jobs – the Aaron Sorkin movie starring Michael Fassbender as Jobs, Kate Winslet as Joanna Hoffman, Seth Rogen as co-founder Steve Wozniak, Jeff Daniels as former Apple CEO John Sculley, Katherine Waterston... read more – homepage screenshot collection

Florian Innocente loves his Apple and in one of his Flickr album – he has consolidated screenshot of every homepage since 1997 – the image above is just two years’ of homepage between 1997 to 1999. But that wasn’t the oldest... read more

Spring forward – Apple Event Mar 2015

The upcoming event for Apple will probably be one of the most important in recent years. Although the Apple Watch was announced in October last year, there are still many details not known to the public. Scheduled to be available in April, this event will be the Apple... read more

MacBook Pro Repair Extension Program

If you happen to own a MacBook Pro that was purchased between Feb 2011 and December 2013, and faces some problems with the display, you might be able to get it fixed for free – even if your AppleCare had expired. Products affected: 15″ and 17″... read more
%d bloggers like this: