Sep 23, 2015 03:51 PM

Hacker Attack on Apple App Store Biggest Ever, Anti-Virus Firm Says


(Beijing) – Hackers launched the largest-ever attack on mobiles applications available on the Apple store from September 10 to 12, affecting hundreds of Chinese-language apps, the anti-virus software company Qihoo 360 Technology Co. Ltd. says.

The targets attacked included the popular messaging app WeChat, the care-hire app Didi-Kuaidi and a ticket-booking app from China Railway Corp., Qihoo said. Hackers used malicious software called XcodeGhost that was hidden inside a fake version of Xcode, a popular developer tool for iOS apps and Mac software.

The malware was designed to collect information from infected devices by sending phishing messages that tried to trick users into disclosing information, said Qihoo 360 Technology and the cybersecurity division of Tencent Holdings Ltd.

Instead of directly infecting users' iPhones, the malware lured app developers to use the unauthorized code in their applications.

Anti-virus software engineers at Qihoo have identified 344 apps that were infected by XcodeGhost. Some 145,000 apps are available on Apple Inc's app store.

Data from the cyber security division of Tencent, owner of WeChat, showed that 76 of the 5,000 most popular apps were infected. "Moderate estimates predict that more than 100 million users are affected," a post on Tencent's website said.

A spokesperson for Tencent confirmed the attack, but said the company had not found evidence that user information was leaked or money was stolen. Tencent said in a statement on September 18 the problem in WeChat had been fixed and will not impact users who install or update the app.

Lin Wei, head of a Qihoo 360 Technology division focusing on cybersecurity research, said a group of hackers registered a website in February before launching the attack. On March 13, the hackers started to spread the malware on a large scale on open-source websites. They even blocked forum moderators' access to websites and replaced existing code with the fake.

"These are all very skilled and professional hackers," he said.

It was unclear what country the hackers were operating from.

The attack went unnoticed until apps used by millions of users adopted the code, Lin said, adding that despite the security breach, iOS is still safer than Android.

(Rewritten by Chen Na)

You've accessed an article available only to subscribers
Share this article
Open WeChat and scan the QR code