Saw this on The Verge this morning:
Apple has removed malware-infected apps from the App Store after acknowledging its first sustained security breach. The malware, known as XcodeGhost, worked its way into several apps by convincing developers to use a modified version of Xcode, the software used to create iOS and Mac software.
Attacks are getting more creative: this time the malware was introduced through a modified copy of Xcode, Apple’s development tool, which injected the malicious code into apps as they were being developed.
Most of the affected apps were from Chinese developers who were using the tweaked version of Xcode. According to this report from Reuters, attackers targeted developers by convincing them to download a copy of Xcode from a Chinese server because it was faster to grab than from Apple’s Developer Portal.
Still, he said it was “a pretty big deal” because it showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps. Other attackers may copy that approach, which is hard to defend against, he said.
“Developers are now a huge target,” he said.
One of the known affected apps is the popular chat app WeChat. In a short blog update, the company briefly stated that no personal data or money was stolen in this hack and that the latest version of the app is free from the malware.
A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users’ information or money, but the WeChat team will continue to closely monitor the situation.
The lesson here is this: be it development tools or apps, get them from the official source. Though the App Store has strict guidelines, this episode shows that when people get creative, they will always find ways to exploit it. So update your apps and stay safe… until the next loophole is found.
To keep yourself safe, there are a few things you can do: