All Apple news

Expert: attacks on the App Store can be involved in the American intelligence services

For the first large-scale attack on the App Store, during which thousands of applications have been infected with malicious code XCodeGhost, can stand the CIA, according to the expert in the field of information security Pierluigi Paganini. Attackers can use malware to gain control over the devices of the victims, theft of credentials, including iCloud, as well as for traffic interception. Used XCodeGhost method, as noted Securitylab, very similar to the one that was developed by U.S. intelligence agencies.

In March of this year edition of The Intercept was issued to Edward Snowden documents which described attempts by intelligence agencies to use the Xcode development environment as an attack vector. Experts even managed to install backdoors in iOS to bypass the controls.

According to the documents, if the developer used a modified CIA version of Xcode, the secret service could easily access your data and personal information of many users. Of course, this assumption is not yet proven, however, the description of the attacks, the CIA is very similar to incidents using XCodeGhost.

When developing applications for the iOS platform is generally used authorized Apple Xcode package, but download it from the company’s website in China may take a great time. The hackers posted on a Chinese website Baidu Pan your program, simulate Xcode and loading much faster. When it became known about the malicious nature of the product, the website owners have uninstalled the program.

All, us Palo Alto Networks, the list turned out to be infected nearly 40 applications. According to experts FireEye, such programs around 4000. They may secretly transmit to the server data from the user device to issue false reports and using them to steal account passwords in iCloud.

Read also:   Sensor $10 will allow the Apple Watch to recognize objects in the hand

Apple claims that the identified program containing malicious code that is removed from the online store App Store.

Leave a Reply

Your email address will not be published. Required fields are marked *