
Jesus Malverde

(10,274 posts)
Mon Sep 21, 2015, 04:35 AM

Apple’s Chinese App Store Has Come Under a Malware Attack

Source: Time

Apple’s iOS App Store in China has been attacked for the first time by malware, multiple sources report. Internet security company Palo Alto Networks says that approximately 39 applications have been compromised.

According to the Wall Street Journal, hackers planted an outwardly normal version of an Apple software called Xcode, used to develop iOS applications, on a Chinese cloud service called Baidu Pan. Developers began using it because it was faster to download than the Xcode software from Apple’s U.S. servers, the CBC reports, citing Palo Alto Networks director of threat intelligence Ryan Olson. However, the Chinese version was fraudulent and “Trojanized.”

Olson told CBC that the breach was “a pretty big deal” as it showed that the App Store could be compromised.

XcodeGhost, as the fraudulent code was named by Alibaba researchers, then gave hackers access to users’ devices and enabled phishing for passwords and login information. In its most recent analysis, Palo Alto Networks deemed XcodeGhost dangerous, saying it could set a precedent for other espionage and criminal groups.


Read more: http://time.com/4042173/apple-china-app-store-malware-xcode/



http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/

http://forums.macrumors.com/threads/what-you-need-to-know-about-ios-malware-xcodeghost.1918784/#post-21896151

Apple’s Chinese App Store Has Come Under a Malware Attack (Original Post) Jesus Malverde Sep 2015 OP
It's not the Chinese app store that is affected. thesquanderer Sep 2015 #1
affected apps tomm2thumbs Sep 2015 #2
As long as Angry Birds 2 is not affected, I'm happy. alfredo Sep 2015 #3
Now you're bummed! Jesus Malverde Sep 2015 #4
I just found out, now it is deleted. I was approaching level 200. alfredo Sep 2015 #5
I had cardcam Jesus Malverde Sep 2015 #6
Actually, it is only on the Chinese Apple store. So US users don't have to worry. alfredo Sep 2015 #7

thesquanderer

(11,986 posts)
1. It's not the Chinese app store that is affected.
Mon Sep 21, 2015, 05:58 AM

The source of the malware was in a Chinese illegitimate copy of the app development tool. However, once a developer was using that tool, the apps created with it were compromised, and those apps could be offered outside China, including on the U.S. app store.

tomm2thumbs

(13,297 posts)
2. affected apps
Mon Sep 21, 2015, 06:25 AM

Fox-IT (fox-it.com), a Netherlands-based security company, checked all C2 domain names from our reports in their network sensors and has found thousands of malicious traffic outside China.



According to their data, these are but a few of the iOS apps also infected:

WeChat
SuperJewelsQuest2
CamScanner Pro
Guitar Master
PDFReader Free
WinZip
Quick Save
PocketScanner
CamScanner Lite
SaveSnap
TinyDeal.com
FlappyCircle
WinZip Sector
CamCard
installer
PDFReader
Mercury
air2
WeLoop
DataMonitor
Musical.ly
guaji_gangtai en
Perfect365
WhiteTile
IHexin
WinZip Standard
MoreLikers2
MobileTicket
golfsense
Wallpapers10000
snapgrab copy
CuteCUT
InstaFollower


* ongoing full list at link (list begins with Chinese language apps)
http://forums.macrumors.com/threads/what-you-need-to-know-about-ios-malware-xcodeghost.1918784/#post-21896151

* other list is having trouble loading - maybe servers are getting hammered by folks looking up list. Will include for later reference
http://researchcenter.paloaltonetworks.com/2015/09/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users/


Jesus Malverde

(10,274 posts)
6. I had cardcam
Mon Sep 21, 2015, 03:06 PM


I'm guessing this is a Chinese gov attack. Pretty well done. I'm sure the NSA is impressed.