Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Jump to content

US EditionChange

UK EditionAsia EditionEdición en Español
Sign up to our newslettersSubscribe: $6 for 6 months
More
Best
Climate
TV

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in

Apple's app store hacked by malware in China in its first major cyber attack

The Apple app store has been hacked in China

Clare Hutchison
Monday 21 September 2015 10:10 BST
Comments
Apple said it was combing through its App Store to get rid of the bogus programme
Apple said it was combing through its App Store to get rid of the bogus programme

Apple has suffered its first large-scale cyber attack after hackers managed to embed malicious software in hundreds of iPhone and iPad apps.

Palo Alto, a cybersecurity firm, said on Friday that hundreds of millions of users could have been impacted by the infected apps.

The attack is first large-scale attack on the App Store and occurred despite the existence of the company's stringent app review process.

Read more: WhatsApp for Web vulnerability
James Franco talks Sony email hack
Barclays combating terrorism by hacking its own systems

It was flagged by several cyber security firms flagged who found rogue program XcodeGhost in legitimate apps.

The code can trick developers wanting to use Apple's genuine Xcode software into downloading the counterfeit version.

The company said it was combing through its App Store to get rid of the bogus programme.

“We've removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said.

“We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

Prior to this attack, Apple had seen just five malicious apps make their way onto the App Store, accoring to cyber security firm Palo Alto Networks.

Ryan Olson, director of threat intelligence at Palo Alto Networks, said the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.

Still, he said it was “a pretty big deal” because it showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps.

Other attackers may copy that approach, which is hard to defend against, he said.

Additional reporting by Reuters

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in