- How to watch TruTV online for free 4 Years Ago
- Fans call out Madonna for edited Eurovision video Tuesday 9:36 PM
- Partnered Twitch streamer temporarily banned for airing troll’s racist message Tuesday 8:45 PM
- Reddit theory says fans are wrong about who won ‘Game of Thrones’ Tuesday 6:52 PM
- Elon Musk hires ‘absolute unit’ sheep meme creator to be Tesla’s social media manager Tuesday 6:12 PM
- Jason Momoa stands by his Khaleesi after the ‘Game of Thrones’ finale Tuesday 4:05 PM
- Airbnb, 23andMe partner for creepy heritage travel recommendations Tuesday 3:26 PM
- Rep. Katie Porter goes viral again for trouncing Ben Carson (updated) Tuesday 3:26 PM
- This deepfake takes Bill Hader’s Schwarzenegger impression to the next level Tuesday 2:58 PM
- Wanda Sykes rails against Trump and offers much-needed perspective in ‘Not Normal’ Tuesday 2:41 PM
- Man arrested after allegedly threatening to shoot YouTube employees Tuesday 2:13 PM
- Some House Dems are backing away from the Save the Internet Act Tuesday 1:40 PM
- Thousands sign petition calling for Danny DeVito to play Wolverine Tuesday 1:02 PM
- Jason Mitchell fired from ‘Desperados’ and ‘The Chi’ after misconduct allegations Tuesday 12:36 PM
- Police raid Black woman’s house after white neighbor complains about loud Malcolm X speeches Tuesday 12:20 PM
Apple remains silent as major App Store malware attack infects hundreds of apps
Hundreds of millions of users are affected by this attack.
Researchers discovered the largest-ever malware attack against the Apple App Store last week, a major security breach potentially involving hundreds of popular apps with hundreds of millions of users.
While Apple is currently engaged in a wide-ranging cleanup, the company has so far declined to give examples of major apps that were hit, provide estimates of how many apps were affected, or tell users how to determine if they’ve been affected. Apple did not respond to a request for comment.
The attack is known as XcodeGhost because it was hidden in an infected version of Xcode, an app used to develop software for Apple devices. Programmers who were hit with XcodeGhost unknowingly infected the apps they built, because they compiled those apps using infected versions of Xcode before publishing them to the App Store.
Security experts have identified dozens of infected apps, including WeChat, a popular messenger app with more than 500 million users. WinZip and Musical.ly were among the other affected apps.
The Chinese security researchers Qihoo360 reported that at least 344 apps were infected.
News of the unprecedented attack first surfaced among Chinese developers, followed by security researchers at Palo Alto Networks, who reported that XcodeGhost launched phishing attacks to steal iCloud passwords.
“Based on this new information, we believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem,” researcher Claud Xiao wrote. “The techniques used in this attack could be adopted by criminal and espionage focused groups to gain access to iOS devices.”
Photo via Scott Schiller/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.