Phil Schiller, SVP of Marketing at Apple, told a Chinese news site that Apple will take steps to avoid ‘XcodeGhost’ like malware making their way to the App Store in the future.
The company will start offering local downloads of Xcode, its compiler for OS X and iOS, for developers in China so that they don’t need to get the tool from other sources.
The XcodeGhost malware was able to spread because Chinese developers ended up downloading an infected version of the Xcode compiler from Chinese file-sharing website Baidu due to the slow download speeds from Apple’s servers. They then used this infected compiler to develop their apps, which in turn were automatically infected with the ‘XcodeGhost’ malware.
Some of these apps then ended up making their way to the App Store, thereby putting millions of iOS users at risk. According to tests ran by security firms, the XcodeGhost malware was found inside some popular apps like WeChat, CamCard, and even Angry Birds 2, and in total affected more than 50+ apps. Majority of the infected apps have been updated since then to remove any traces of XcodeGhost.
Schiller also said that Apple is not aware of any XcodeGhost infected app that transmitted important customer data back to the hackers. He also adds that Apple plans on listing the 25 apps that it has identified being infected with XcodeGhost, so that users can delete or update them.
Apple sent out an email to developers earlier today to provide them with steps to check whether their version of Xcode is infected with XcodeGhost or not.
[Via Reuters]
No comments:
Post a Comment