This week, the Chinese software developers for iOS and OS X found in some programs from the online store App Store malware. Later this information was confirmed in Alibaba, and experts of the company Palo Alto Networks studied in detail spyware.
Attackers embedded in the application code through malicious modified versions of Xcode. Installers programs that in Alibaba dubbed XcodeGhost, loaded into an online repository of Chinese Internet giant Baidu and displayed on the first page of search results. A reckless developers worked hard on their projects, suspecting nothing of the threat.
According to the researchers, Apple missed in the App Store at least 39 infected applications, including the popular messenger WeChat. Most often, the remote server is encrypted transmitted name of the mobile device and its unique ID, information about the time, country, language and type of network. This list does not include the personal data of users, but do not underestimate the danger of the “spy”.
As the experts found out that Palo Alto Networks, the scammers open much wider possibilities. For example, the application may emerge a message to enter your credentials, and the owner of the smartphone did not even guess that this information falls into the wrong hands. Besides phishing mentioned transition for malicious links, as well as the theft of usernames and passwords that have been copied to the clipboard.
Apple has not commented on the situation with XcodeGhost. I must say, almost all infected programs for iOS and OS X are focused on the Chinese market.