Apple has always been perceived as enforcing stricter security measures and policies for app publishers on the App Store. In fact, security is one of the reasons some buyers skip Android and go for an Apple product. This belief has taken a beating now that Apple has disclosed, after several cyber security firms pointed it out, that a malicious program dubbed XcodeGhost was embedded in several legitimate apps.
This rogue version of Xcode duped developers and sent device information, along with sensitive data, back to the hackers. It turned otherwise good apps into data-leaking taps, which would eventually give away all the user details to the hackers, raising a serious security concern.
The hackers found a way to embed the malicious code in the targeted apps by prodding developers to use a rogue version of the Xcode software, which developers normally use to create iOS apps. It is still unknown whether the counterfeit Xcode offered additional functionality or features for developers, as it would be very difficult to convince them to switch from the legitimate Xcode without a substantial reason.
Furthermore, the rogue version of Xcode was downloaded from a Chinese server that promised developers better download speeds than the original Apple servers, which reside in the US. The majority of the infected apps seemed to be aimed at the Chinese market. WeChat, China’s WhatsApp rival, has also figured in the list of affected applications.
Apple seems to have already swung into action and is cleaning up the iOS App Store, removing all the malicious iPhone and iPad applications in order to curb one of the largest attacks on the iOS front. We are sure that Apple will be able to disinfect the App Store in a jiffy, but this entire ordeal raises some serious security concerns that we have rarely pondered. Until now, hackers targeted users directly to get their way into systems, but now it seems that they want to magnify the attack by injecting the malicious code at the developer's end. This calls for effective measures for developers to ensure that they are protected from such attacks, thus reducing the very possibility of such attacks.