Apple Inc. is not impenetrable after all. The firm has just been humbled by a group of hackers who succeeded in placing apps with malicious code into the App Store. News breaking on Sunday has it that hackers were able to get more than 300 apps with malware into the App Store despite Apple’s stringent rules in its app review process. This shows how the App Store could be easily compromised.
Palo Alto Networks, an online security firm looking into the attack, confirmed in a blog post that the attack could hurt millions of Apple users. For one, the apps targeted in the attack were trusted and had an established user base. For instance, WeChat (the number 3 messaging app globally), with about 500M users, was targeted. Didi Kuaidi, China's version of Uber, was affected, and CamCard, used to scan business cards, was also among the affected apps.
A simple but sophisticated attack
The attack on the Apple App Store is already being called XcodeGhost because it allowed hackers to embed their malware into hundreds of approved Apple apps right from the developers' end. What the hackers did was very simple, but the sophistication of the attack caught Apple, its developers, and the app review team unawares. You wanna place malware into the App Store? Write your own malware-infected code and convince developers to create their apps with the fake code.
The hackers created a corrupt and fake version of Apple's Xcode, the software that developers use to create apps for iOS and Mac. Developers were then encouraged to use the fake software to create new versions of their apps. It appears that the corrupt version was hosted in China, and it was easier for devs to download it because it was faster than using Apple's U.S. servers.
Palo Alto Networks posits that the apps created with XcodeGhost can then open websites that can infect Apple devices with additional malware and viruses. Moreover, the apps can show users harmless-looking pop-up screens for capturing sensitive user data. Palo Alto Networks notes, “Since the dialogue is a prompt from the running app, the victim may trust it and input a password without suspecting foul play.”
Apple has a serious problem with hackers
Late in August, news broke that a massive hack had hit more than 250,000 iPhones. The tech space largely shrugged the news off because it only affected iPhones that had been jailbroken so that their users could install apps that were not available on the App Store. People seemed to agree that those who jailbreak their iPhones put themselves at risk and that it wasn't Apple's fault that their phones were hacked.
Now, hackers have succeeded in creating a malicious Xcode, they've succeeded in deceiving developers, and millions of Apple users have downloaded the corrupt code. Apple cannot shift the blame to users, but it says it has “removed the apps from the app store that we know have been created with this counterfeit software”. The firm is also “working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”