Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Wednesday, 23 September 2015 / Published in Woo on Tech

Malware penetrates Apple’s walled garden

Apple app store not bullet proof

Apple is infamous for it’s stringent and sometimes odd vetting process for iOS apps, but it has purportedly kept iPhone and iPad users relatively safe from the malware that has plagued the Android ecosystem for years. Unfortunately, they can no longer wear that badge with pride anymore, as dozens (possibly hundreds) of apps written by Chinese developers and distributed through the official Apple App Store have been found to be infected with malware that can cause serious security problems for the affected device. Before you get up in arms about the brazen escalation of Sino-American cyber-hostilities, security analysts believe that the infected apps weren’t purposefully compromised, but were caused by Chinese app developers using an infected version of Apple’s coding framework, Xcode to build or update their apps. These apps were then submitted and, upon passing through Apple’s security screening, distributed in both the Chinese and American App Stores to upwards of hundreds of millions of users.

What this means for you:

Unless you make a habit of installing Chinese iOS apps you probably aren’t directly affected by this. Check this list, and if you did install one of the affected apps remove it or update it immediately, and change your Apple Cloud password and any other passwords you might have used while the infected app was installed on your device. For the rest of us that aren’t impacted, this particular failure illustrates two important points about security:

  1. No security system or process is infalliable. Apple’s fall from grace in this regard was only a matter of time. Every good security plan should include a failure contingency. In Apple’s case, they know exactly who installed what apps and plan to notify all affected customers.
  2. The use of the compromised Xcode framework was traced to many developers using a non-official download source to retrieve the code, which is very large (3gb) and is very to slow to download in China from Apple’s servers. Rather than being patient/diligent, Chinese programmers used local, unofficial repositories hosting malware infected versions of Xcode. Always confirm your source (whether reading email or downloading software) before clicking that link!
  • Tweet
Tagged under: Android, app store, Apple, Google, infection, ios, ipad, iPhone, malware, security, xcode, xcodeghost

What you can read next

Windows XP logo
World Still Clings to Windows XP
ID-10067190.jpg
Your Phone’s Location Can Be Bought for $300
Dropbox breach
60M Dropbox accounts exposed in 2012 breach

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Update your tech vocabulary for 2023

    If there is one thing that the Internet excels ...
  • We sold our souls, but not how you might think.

    Part of an occasional series of articles that d...
  • “Low on Cyan.”*

    If you catch me at the end of a frustrating day...
  • GPTBot starts crawling the web. Resistance is futile.

    I know some of you are Trekkies, and even if yo...
  • Surprise, surprise. Hackers are using AI to bolster their attacks.

    The FBI held a press conference last week to co...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP