Read about the first major cyber attack on Apple's iOS using XcodeGhost malware and the implications it has for the future of mobile security
Comparing iOS and Android iOS is said to be more secure because applications are fully vetted before being made available to customers and they have been tested and validated by Apple. However, nothing is 100% secure, and that includes iOS too. Recently Apple has introduced iOS 9 with improved security but hackers were able to jailbreak it even before release.
This iOS 9 security flaw is recently discovered which lets anyone access Private Photos and Contacts Without a Passcode, even your phone is locked with PIN. It affects IOS 9 or IOS 9.0. Solution for this bug is simple-disabling Siri on the lock screen, until Apple issues a patch
It is a very harmful and dangerous piece of malware that is capable to Phish credentials, infect other apps, Hijack URLs, Steal iCloud passwords from your device and then upload them to the attacker's servers even without your knowledge.
Recently Researchers disclosed some 39 iOS apps on Apple's App Store infected by 'XCodeGhost Malware'. It is now discovered that more than 4,000 apps are infected. The XCodeGhost malware was distributed through legitimate iOS Apps via counterfeit versions of Apple's app developer toolkit called Xcode.
As if the above bugs and issues were not enough, FireEye researchers found more than 4,000 compromised apps and have now been linked to CIA (Central Intelligence Agency). The technique used by XCodeGhost is similar to that developed by Central Intelligence Agency (CIA) researchers and Reported by The Intercept in March this year, citing the documents leaked by Edward Snowden.
The leaked documents claimed that CIA detailed a way to manipulate Xcode in an effort to add backdoors into iOS apps even without the knowledge of the developers.
The documents didn't make it clear how CIA and other intelligence agencies would "get developers to use the poisoned version of Xcode." XCodeGhost has very similar capabilities that of CIA approach, as well as the way their approach infects iOS apps also matches the one used by XcodeGhost.
It is indeed a hard time for Apple fans after the discovery of back to back bugs and issues. Apple had removed nearly 300 malware-ridden iOS apps from the App Store and has ensured its customers that the company is working to remove these infected apps from its App Store. However Apple has not yet responded to questions about whether they were aware of the CIA techniques for compromising Xcode.
Also Read : iOS 9 Gets Hacked Before Release.
Bypass PIN Bug
This iOS 9 security flaw is recently discovered which lets anyone access Private Photos and Contacts Without a Passcode, even your phone is locked with PIN. It affects IOS 9 or IOS 9.0. Solution for this bug is simple-disabling Siri on the lock screen, until Apple issues a patch
XcodeGhost
It is a very harmful and dangerous piece of malware that is capable to Phish credentials, infect other apps, Hijack URLs, Steal iCloud passwords from your device and then upload them to the attacker's servers even without your knowledge.
Recently Researchers disclosed some 39 iOS apps on Apple's App Store infected by 'XCodeGhost Malware'. It is now discovered that more than 4,000 apps are infected. The XCodeGhost malware was distributed through legitimate iOS Apps via counterfeit versions of Apple's app developer toolkit called Xcode.
Hacked By CIA?
As if the above bugs and issues were not enough, FireEye researchers found more than 4,000 compromised apps and have now been linked to CIA (Central Intelligence Agency). The technique used by XCodeGhost is similar to that developed by Central Intelligence Agency (CIA) researchers and Reported by The Intercept in March this year, citing the documents leaked by Edward Snowden.
The leaked documents claimed that CIA detailed a way to manipulate Xcode in an effort to add backdoors into iOS apps even without the knowledge of the developers.
The documents didn't make it clear how CIA and other intelligence agencies would "get developers to use the poisoned version of Xcode." XCodeGhost has very similar capabilities that of CIA approach, as well as the way their approach infects iOS apps also matches the one used by XcodeGhost.
Ok.. So Now What?
It is indeed a hard time for Apple fans after the discovery of back to back bugs and issues. Apple had removed nearly 300 malware-ridden iOS apps from the App Store and has ensured its customers that the company is working to remove these infected apps from its App Store. However Apple has not yet responded to questions about whether they were aware of the CIA techniques for compromising Xcode.
Also Read : iOS 9 Gets Hacked Before Release.
COMMENTS