Apple has witnessed its first ever major attack on the iOS App Store and reportedly has already started cleaning-up the software.
Many cyber security firms reported a malicious program, being called the XcodeGhost, found embedded in a number of legitimate apps on the platform. It was then that Apple revealed its efforts in taking the tainted programs down.
Apple’s Xcode software is used to create apps for the iOS and Macs and as shared by the Cupertino tech-giant, hackers convinced legitimate software developers to employ a malicious version of this software.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email to Reuters. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
This is the first time ever that such an attack on the App Store has been witnessed wherein presence of multiple malicious software programs has been identified. Up until this attack, Apple’s strict app review process, kept the malicious apps in check. As per Palo Alto Networks Inc, a cyber security firm, before the attack only 5 malicious programs had been found in the App Store till date.
Palo Alto Networks Director of Threat Intelligence, Ryan Olson, shared with Reuters that the malicious Xcode version was downloaded from a server in China. He said that the developers may have opted for it since it allowed for faster downloads as compared to the Apple servers in US.
He also mentioned that the malware came with limited functionality and no data theft or harm has been identified.
As noted by Business Insider, the Cupertino tech-giant shared no information on total number of apps, which have been impacted.