In early September there were hundreds of legitimate apps in the iOS App Store infected with malicious code. Apple is well known for strict security checks that rarely allow any negative damaging software into their merchandise. The technology giant is in the process of shutting down the first large-scale software breach that runs from iPhones and iPads via apps.
According to Joseph Cox from WIRED, the attack works by tricking developers into using fake versions of Xcode, Apple’s software development and creation tool. The fake Xcode is then used to create apps with extra hidden lines of coding. Xcode software is downloaded directly from Apple free of charge, but some of the versions of Xcode can be downloaded from elsewhere. These alternate sources, usually developer forums, are packaged with the hidden code, nicknamed “XcodeGhost”. Claud Xiao, a senior researcher from Palo Alto Networks, verified that over 20 apps have been infected.
Charlie Miller, a security researcher at Uber, stated that consumers who downloaded malicious software shouldn’t worry too much. He recommends deleting any corrupted apps. In addition, consumers should keep up with all reports of other malware infected apps. The contaminated apps that did make it through Apple’s security do not seem to have done any severe damage; they merely copied network information. James Temperton from WIRED said that future attacks on Apple’s security can happen. Consumers should ensure that their entire iOS apps are uploaded to the latest version to avoid these situations.