Number of iOS apps infected by XCodeGhost rises to 4,000
From only 39, the number of apps on the App Store infected by the malware called XCodeGhost has grown enormously. California-based cybersecurity firm FireEye, Inc. identified over 4,000 infected apps on the App Store on Tuesday.
"Immediately after learning of XcodeGhost, FireEye Labs identified more than 4,000 infected apps on the App Store," FireEye said in a blog post. FireEye then updated its NX and Mobile Threat Prevention (MTP) products to detect the infected apps and their activities on a network.
Last week, cybersecurity research firm Palo Alto reported the first major hack attack on the App Store by XCodeGhost. It initially reported that 39 apps in the App Store were compromised.
The infection occurred when Chinese iOS developers unknowingly used counterfeit software dubbed XCodeGhost to download files faster because of slower download times from Apple’s U.S. servers.
The apps created using XCodeGhost, which is a tainted version of Apple’s XCode, gathers device and user credentials once an infected app has been properly installed. Target information include current time, network type and the name of the device. Reuters said the malware has limited functionality.
Palo Alto Networks researcher Claud Xiao, however, reportst that infected apps are capable of receiving commands from attackers. Fake commands allow hackers to read and write data to the victim’s clipboard, prompt a fake notification and open specific URLs. Xiao said this can be used to steal passwords and confidential user information.
Apple removed over 300 Chinese apps initially infected by XCodeGhost from its App Store, according to the download website FileHippo. The move was in response to alarms raised by several security research firms that continue to detect infected apps. Cybersecurity firm FireEye suggests that Apple users update their iOS apps to the latest version.
iOS App Store Hacked: Protect Your iPhone from Malware! (Credit: YouTube/The Macintosh Review)
Contact the writer at feedback@ibtimes.com.au or let us know what you think below.