Biggest Security Breach in Apple App Store: Apps Infected with Malware.
Hundreds of Apple App Store apps were infected with malware, including top apps such as Angry Birds 2 and the Chinese version of WeChat. The hackers targeted app developers, and once an infected app was installed on a victim's iPhone, they could steal all data, including logins and passwords.
The malware, known as XcodeGhost, can also read and write information on the user's clipboard. Mostly Asian countries were targeted.
According to a report by The Intercept,
Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA’s annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden
According to U.S.-based cybersecurity firm Palo Alto Networks Inc.,
The attack affected more than three dozen apps. "We believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem."
Apple said in the statement,
"We recently removed apps from the App Store that were built with a counterfeit version of Xcode which had the potential to cause harm to customers. You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software."
How can we protect ourselves?
Whether you downloaded Xcode from Apple or received Xcode from another source, such as a USB or Thunderbolt disk, or over a local network, you can easily verify the integrity of your copy of Xcode.
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
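The acceptance rule above can be applied automatically, for example on a build machine before every release. The script below is an added example, not part of Apple's guidance or the original article; the function names are hypothetical, and it assumes that the verdict line has the form "<path>: accepted" and that spctl prints its assessment on stderr.

```shell
#!/bin/sh
# Added example. Sample outputs used to test it are constructed, not captured.

# Read `spctl --assess --verbose` output on stdin and apply the article's rule:
# pass only if the verdict is "accepted" AND the source is one of the three
# sources listed. Assumes the verdict line has the form "<path>: accepted".
xcode_assessment_ok() {
    verdict=""
    source_name=""
    # `|| [ -n "$line" ]` keeps a final line that lacks a trailing newline.
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *": accepted") verdict="accepted" ;;
            source=*)      source_name=${line#source=} ;;
        esac
    done
    [ "$verdict" = "accepted" ] || return 1
    case "$source_name" in
        "Mac App Store"|"Apple System"|"Apple") return 0 ;;
        *) return 1 ;;   # e.g. validly signed, but not by Apple
    esac
}

# Run the real check on macOS. spctl is assumed to print its assessment on
# stderr, so both streams are captured.
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found (macOS only)" >&2
        return 2
    fi
    if spctl --assess --verbose "$app" 2>&1 | xcode_assessment_ok; then
        echo "OK: $app is accepted with an Apple source"
    else
        echo "FAIL: $app did not pass; download a clean copy of Xcode" >&2
        return 1
    fi
}

# Usage on a Mac: verify_xcode /Applications/Xcode.app
```

A copy that is accepted but reports a different source fails the check, which matches the rule that both the verdict and the source must be as expected.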
What's the latest update?
The malicious versions of the apps have been removed from the Apple App Store, and developers have updated them with all security flaws fixed.