Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Apple App Store suffers its first large-scale attack

Researchers have spotted the first large-scale attack on Apple Store, attackers used XcodeGhost designed to inject malicious code into iOS and OS X apps. Apple announced yesterday it is cleaning up the official iOS App Store to remove malicious iPhone and iPad applications, the company confirmed that this is the first large-scale attack on the […]

Apple zero-day

Researchers have spotted the first large-scale attack on Apple Store, attackers used XcodeGhost designed to inject malicious code into iOS and OS X apps.

Apple announced yesterday it is cleaning up the official iOS App Store to remove malicious iPhone and iPad applications, the company confirmed that this is the first large-scale attack on the official store that evaded the stringent app review process of the company.

“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

The cyber attack was reported by several cyber security firms that detected a malicious program dubbed XcodeGhost that was used to “trojanize” hundreds of legitimate apps. The researchers confirmed that the attackers have infected several apps, including the popular mobile chat app WeChat and the music app from Internet portal NetEase.

The threat actors embedded the malicious code in these apps by deceiving developers and tricking them into use a bogus version of the Apple Xcode.

“The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple’s software for creating iOS and Mac apps, which is known as Xcode, Apple said.” reported the Reuters.

AppleFlaw

Palo Alto Networks is one of the firm that earlier detected the large-scale infection, its Director of Threat Intelligence Ryan Olson explained that the malicious code used by bad actors has limited functionality and at that his firm hasn’t observed a significant impact of the attack.

Anyway, what is happening is very serious, the event also demonstrates that the App Store could be used to serve malware on a large scale and there is the concrete risk of emulation for other attackers.

“Developers are now a huge target,” Olson added.

The researchers explained that the tainted version of Xcode was downloaded from a server in China, according to Olson, it is likely that developers used this specific server because it allowed for faster downloads than using Apple’s U.S. servers.

While Apple is cleaning the App Store, other security firms are working to identify other bogus applications, the Chinese security firm Qihoo360 Technology Co confirmed it had uncovered 344 apps tainted with XcodeGhost.

Pierluigi Paganini

(Security Affairs – Apple Xcode, mobile)