Victor Alagbe, LEARN BONDS
(LearnBonds.com) – Apple Inc. (NASDAQ:AAPL) is not impenetrable after all. The firm has just been humbled by a group of hackers who succeeded in placing apps with malicious code into the App Store. News breaking on Sunday has it that hackers were able to get more than 300 apps with malware into the App Store despite Apple’s stringent rules in its app review process. This shows how the App Store could be easily compromised.
Palo Alto Networks, an online security firm looking into the attack confirmed in a blog post that the attack could hurt millions of Apple users. For one, the kind of apps that were the target of the attack were trusted and had an established user base. For instance, WeChat (number 3 messaging app globally) with about 500M users was targeted. Didi Kaudi, China’s version of Uber was affected, and CamCard used to scan business cards was among the affected apps.
A simple but sophisticated attack
The attack on the Apple App Store is already been called the XcodeGhost because it allowed hackers to embed their malware into hundreds of approved Apple apps right from the end of the developers. What the hackers did was very simple, but the sophistication of the attack caught Apple, its developers, and the app review team unawares. You wanna place malware into the app store? Write your own malware-infected code and convince developers to create their apps with the fake code.