Apple is hot off another fresh OS update with iOS 9, however, things got a little tricky when a counterfeit version of Apple’s Xcode developer program was discovered. The Counterfeit Xcode was being used to create and infect apps with malware for iOS and Mac system software.
“According to security firm Palo Alto Networks, which initially reported the breach, 39 apps were compromised by the counterfeit, called XcodeGhost, including ones used for trading stocks and banking. Apple said it had purged the compromised apps from its online storefront,” according to CNET.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” an Apple spokeswoman told CNET, according to the report.
“We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Barring this App Store breach, the App Store has been known for it’s strength in security. After iOS 9 was released a flurry of users began upgrading their software which also had security updates. While the article states that there was little threat from the malware created, the intrusion shows that what some thought was a completely secure marketplace has it’s little flaws.
“The developers using XcodeGhost were likely unaware that they were using spurious software,” according to the report.
“Chinese developers often download Xcode from unofficial, local sites due to the slow download speed associated with sourcing it from Apple’s faraway US servers. The attackers took advantage by slipping the counterfeit versions in among the regular programs.”
The good news is, Apple was able to catch the intrusion in a timely fashion and fix it. The proactive approach to security threats is reassuring to users however, it will be interesting to see if the company issues further security measures.
Read the full story.