Large-scale cyber attack on Apple
September 21, 2015
Several cyber security firms reported finding a malicious program called XcodeGhost that was embedded in hundreds of legitimate apps. This program allows hackers to collect data from devices like iPhones and iPads.
The affected applications included the popular WeChat app, the car hailing app Didi Kuaidi and a music downloading app.
The hackers embedded the malicious program by convincing developers of legitimate software to use a counterfeit version of Apple's software for creating iOS and Mac apps, which is known as Xcode, Apple stated.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan stated in an email, quoted by Reuters. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
Olson: Other hackers might copy this approach
However, Apple has not said what steps iPhone and iPad users could take to find out whether their devices were affected by the cyber attack.
The counterfeit version of Xcode was downloaded from a server in China that developers may have used because it allowed for faster downloads than using Apple's US servers, said Palo Alto Networks Director of Threat Intelligence Ryan Olson. His company was among the cyber security firms that reported finding the malicious program.
According to Olson, no examples of data theft or other harm were recorded as a result of the attack. However, he called it "a pretty big deal" because the attack showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps. Olson warned that other hackers might copy this approach.
das/rg (Reuters, dpa)