{"id":1951,"date":"2015-09-22T04:30:07","date_gmt":"2015-09-21T20:30:07","guid":{"rendered":"http:\/\/staging.bankvaultonline.com\/?p=1951"},"modified":"2015-09-22T04:30:07","modified_gmt":"2015-09-21T20:30:07","slug":"alert-first-major-ios-app-store-breach","status":"publish","type":"post","link":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/","title":{"rendered":"Alert: First Major iOS App Store Breach"},"content":{"rendered":"<p><strong>Type of Alert: <\/strong> Malware affecting iOS apps.<\/p>\n<p><strong>Main Attack Vector:<\/strong> Named XcodeGhost, the malware has been found in more than 200 popular apps so far. It was contained in an iOS developer&#8217;s kit &#8211; SDK &#8211; that was hosted by an Chinese cloud storage company.<\/p>\n<p><strong>What is Stolen:<\/strong> The malicious code uploads device information and app information to its command and control (C2) server. It is also capable of receiving commands from the attacker [to] prompt a fake alert dialog to phish user credentials; hijack opening specific URLs&#8230;which could allow for exploitation of vulnerabilities; [and] read and write data in the user\u2019s clipboard.<\/p>\n<p><strong>Who is Affected:<\/strong> This malware has now been found in more than 200 ipad and iphone apps. Most of these apps are Chinese and are used only in China. Although Chinese hackers are blamed, many apps used in the U.S. were infected. Including Mercury, CamCard, and musical.lyHowever, some of the infected apps are used all over the world. <a href=\"http:\/\/researchcenter.paloaltonetworks.com\/2015\/09\/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users\/\" target=\"_blank\">Here&#8217;s a list<\/a> from Palo Alto Networks, who found the malware first.<\/p>\n<p><strong>Description:<\/strong><\/p>\n<p><a href=\"http:\/\/www.wsj.com\/articles\/apple-targeted-as-hackers-infect-popular-chinese-mobile-apps-with-malware-1442750168\" target=\"_blank\">From The Wall Street Journal:<\/a><\/p>\n<p>Some of the most popular Chinese names in Apple Inc.\u2019s App Store were found to be infected with malicious software in what is being described as a first-of-its-kind security breach, exposing a rare vulnerability in Apple\u2019s mobile platform, according to multiple researchers.<\/p>\n<p>The applications were infected after software developers were lured into using an unauthorized and compromised version of Apple\u2019s developer tool kit, according to researchers at Alibaba Mobile Security, a mobile antivirus division of Alibaba Group Holding Ltd.<\/p>\n<p>The list of recently compromised iPhone and iPad apps includes Tencent Holdings Ltd.\u2019s popular mobile chat app WeChat, Uber-like car-hailing app Didi Kuaidi, and a Spotify-like music app from Internet portal NetEase Inc.<br \/>\nThe attack affected more than three dozen apps, according to U.S.-based cybersecurity firm Palo Alto Networks Inc.<\/p>\n<p>The infected apps can transmit information about a user\u2019s device, prompt fake alerts that could be used to steal passwords to Apple\u2019s iCloud service, and read and write information on the user\u2019s clipboard, according to researchers.<\/p>\n<p>Apple said in a late Sunday statement that it had taken steps to address the problem. \u201cTo protect our customers, we\u2019ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they\u2019re using the proper version of Xcode to rebuild their apps,\u201d the statement said.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Type of Alert: Malware affecting iOS apps. Main Attack Vector: Named XcodeGhost, the malware has been found in more than 200 popular apps so far. It was contained in an iOS developer&#8217;s kit &#8211; SDK &#8211; that was hosted by an Chinese cloud storage company. What is Stolen: The malicious code uploads device information and [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[252],"tags":[307,48,156],"class_list":["post-1951","post","type-post","status-publish","format-standard","hentry","category-alerts","tag-ios","tag-malware","tag-xcodeghost"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Alert: First Major iOS App Store Breach - BankVault<\/title>\n<meta name=\"description\" content=\"The iOS app store was breached. If you&#039;re an Apple user, find out how this affects you today!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Alert: First Major iOS App Store Breach - BankVault\" \/>\n<meta property=\"og:description\" content=\"The iOS app store was breached. If you&#039;re an Apple user, find out how this affects you today!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"BankVault\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BankVaultOnline\/\" \/>\n<meta property=\"article:published_time\" content=\"2015-09-21T20:30:07+00:00\" \/>\n<meta name=\"author\" content=\"BankVault\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:site\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BankVault\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Alert: First Major iOS App Store Breach - BankVault","description":"The iOS app store was breached. If you're an Apple user, find out how this affects you today!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/","og_locale":"en_US","og_type":"article","og_title":"Alert: First Major iOS App Store Breach - BankVault","og_description":"The iOS app store was breached. If you're an Apple user, find out how this affects you today!","og_url":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/","og_site_name":"BankVault","article_publisher":"https:\/\/www.facebook.com\/BankVaultOnline\/","article_published_time":"2015-09-21T20:30:07+00:00","author":"BankVault","twitter_card":"summary_large_image","twitter_creator":"@bankvaultonline","twitter_site":"@bankvaultonline","twitter_misc":{"Written by":"BankVault","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/#article","isPartOf":{"@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/"},"author":{"name":"BankVault","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639"},"headline":"Alert: First Major iOS App Store Breach","datePublished":"2015-09-21T20:30:07+00:00","dateModified":"2015-09-21T20:30:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/"},"wordCount":428,"commentCount":0,"publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"keywords":["iOS","malware","xcodeghost"],"articleSection":["Latest Cybersecurity Threats"],"inLanguage":"en-AU","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/","url":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/","name":"Alert: First Major iOS App Store Breach - BankVault","isPartOf":{"@id":"https:\/\/www.bankvault.com\/#website"},"datePublished":"2015-09-21T20:30:07+00:00","dateModified":"2015-09-21T20:30:07+00:00","description":"The iOS app store was breached. If you're an Apple user, find out how this affects you today!","breadcrumb":{"@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.bankvault.com\/alert-first-major-ios-app-store-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bankvault.com\/"},{"@type":"ListItem","position":2,"name":"Alert: First Major iOS App Store Breach"}]},{"@type":"WebSite","@id":"https:\/\/www.bankvault.com\/#website","url":"https:\/\/www.bankvault.com\/","name":"BankVault","description":"cybersecurity","publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bankvault.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-AU"},{"@type":"Organization","@id":"https:\/\/www.bankvault.com\/#organization","name":"BankVault","url":"https:\/\/www.bankvault.com\/","logo":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","contentUrl":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","width":1212,"height":275,"caption":"BankVault"},"image":{"@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/BankVaultOnline\/","https:\/\/x.com\/bankvaultonline"]},{"@type":"Person","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639","name":"BankVault","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","caption":"BankVault"},"url":"https:\/\/www.bankvault.com\/author\/bankvault\/"}]}},"_links":{"self":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/1951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/comments?post=1951"}],"version-history":[{"count":0,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/1951\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/media?parent=1951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/categories?post=1951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/tags?post=1951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}