- Mylobot malware connects a user’s Windows device to a Botnet making them prone to attacks
- MysteryBot Android malware can steal your bank details
- How to unlock Chrome’s inbuilt malware scanner
- Thousands of Android devices shipped with pre-installed malware: Avast
- Android devices ship with pre-installed malware: Avast report
- Roaming Mantis Android malware extends target from Asia to rest of world
Apple's iOS has always been one of the safest mobile OS in the business. In fact the security features of the OS had always given it an edge over Android, which according to many snoops upon users' privacy like search results, networks etc. However it seems like the highly secure App Store of iOS in China is now infiltrated with a number of apps with potent malwares. Though this news might be music to the ears of Google, but it isn't to many an iOS users worldwide.
UPDATE: Apple seems to have reportedly fixed this security breach. "We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokesperson Christine Monaghan told Reuters. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
Among the major apps hit by this XCodeGhost malware threat included the popular messaging service WeChat, Uber rival in China Didi Chuxing and business card scanner CamCard.
Infiltrate App Store
However there's a rather interesting tale behind the inception of malware in these iOS apps. Hackers are growing intelligent with every passing days and they are trying their level best to infiltrate the secure App Store of the Cupertino giant. Apparently the App developers didn't install the nefarious malwares, instead the softwares got infected unknowingly thanks to a nifty idea of these hackers.
Most of the apps of iOS are built using XCode which is an official apps from the Cupertino giant which allows devs to compile their apps for iOS supported devices. The recently announced XCode 7 is in fact the most popular compiler among iOS app developers worldwide. Hackers however planned to use this as a target!
While most developers download the XCode from Apple's own servers, many occasionally opt to download it from external source on the web. This mayn't be a big issue in most situation considering the fact that the XCode app is completely free. But in this case most of the XCode app download from the third party apps have been tampered with by adding malicious malware. Hence developers who used this version of XCode got this malware integrated into their apps.
WeChat in China
One of the major apps to be infiltrated by this treat in China is WeChat. As you may be aware, WeChat is a popular mobile messaging app used in the Asian countries and beyond. The developers of WeChat however mentioned that they have figured out this presence of malware dubbed the ‘XCode Ghost' and has also pushed in an update for the same. Hence in case your are in China and using WeChat do update it from the App Store.
How To Be Safe
However this just a tip of the iceberg and many a apps may have been infected by this malware. However the malware doesn't do much of a harm other than tracking a no of private information - phone name, UUID, language, country and current time zone. Do feel free about the fact that all your paswords and credit/debit card details are safe. The info collected from the devices are then across to some selected servers as encrypted information.
While the new XCode Ghost may not be an important hack to fuss about for the masses, but people living with high security should be wary off. However the XCode Ghost, further emphasizes the fact that none is fallible in this world. Despite the fact iOS is one of the safest OS around, the hackers found a cool way around to enter your device. They in fact did that in the past and may again try it in the future!