Wednesday, 23 September 2015

Researchers: Thousands Infected Apps In App Store

In the Apple App Store have been infected thousands of apps and a number of infected apps is still offered, say researchers from the Chinese Pangu Team. They have an app developed to iOS users can check whether they have downloaded an infected app.

The infected apps with the XcodeGhost-malware become infected. The name refers to Xcode, Apple's official tool for developing apps for iOS or OS X. Several Chinese developers had an infected version of Xcode which also downloaded the apps they developed became infected. Last Friday, September 18th, Apple began with the removal of the infected apps. On Sunday, let Apple know that all known infected apps was removed.

Monday, however, showed that there are still familiar with XcodeGhost infected apps were in the App Store, says security company Palo Alto Networks. How many apps now have become infected is unclear. Palo Alto first suggested that they were 39. China's Qihoo 360 did a survey of 344 apps, while Pangu Team says the 3418 infected apps have been identified. The researchers say that the actual number is much higher. In addition, not all infected apps from the App Store removed.

In previous posts Palo Alto Networks said that the malware was able to carry out phishing attacks on users by showing warning windows where people than their passwords might fill. This appears to be wrong afterwards. Today's malware is there not capable, but can be easily modified to do this.


In addition to turning the Pangu Team app and remove any found infected apps, users can also have two-factor authentication as an additional layer of security set, so advises Palo Alto Networks. Furthermore, app developers are advised to download development tools only through the official provider. Xcode should therefore only through the Apple website to download and no other location. Also need developers during development Gatekeeper protect their OS X machine set at the default level. Finally app developers are advised to check the integrity of their development tools and libraries before they release a new version of the app.

No comments:

Post a Comment