
#MALWARE APPLE XCODE INSTALL#
Developers, however, ultimately chose to ignore the warnings and proceed to install and use the compromised software. In other words, Apple’s Gatekeeper technology, which prevents non-App Store and unsigned versions of programs, like Xcode, from being installed, was doing its job. A compromised version of the Xcode software was uploaded to Baidu’s cloud storage site, promising a faster download than the official version hosted on Apple’s own website, which is slowed due to China’s Great Firewall.

But to even install this affected version of the Xcode software, developers had to ignore a warning which indicated the software was damaged and should be moved to the their version is signed by Apple, but there are changed/added resources.

However, in this case, the malware authors capitalized on developers’ demand for Apple’s official Xcode software. The breach was surprising, given Apple’s historically stringent app review policies.

The malware could potentially impact hundreds of millions of users, the company said. The breach, first discovered by researchers at Alibaba Mobile Security, affected a number of popular apps in the region, including WeChat, Didi Kuaidi (an Uber-like service), business card scanning app CamCard, and several others.

According to U.S.-based security firm Palo Alto Networks, which refers to the malware as “XcodeGhost,” 39 iOS applications were affected. Apple has confirmed a security breach in its Chinese App Store which saw nearly forty popular applications infected with malware – a result of app developers being tricked into downloading a compromised version of Apple’s Xcode developer tool kit.
