Apple’s iPhone 6S devices will be on sale on Friday, but the big launch may not be as memorable as past launches because of the recent attack on its App Store, which left many popular apps infected with malware. But now, the iPhone firm plans to fix the source responsible for the breach.
Apple to fix the flaw
On Tuesday, the firm’s senior vice president of worldwide marketing, Phil Schiller, said they are taking precautionary measures to prevent such occurrences in the future. The tainted apps were the result of Apple developers using XcodeGhost, a counterfeit version of the Xcode platform used for creating programs for iOS and Mac.
Since the download speed associated with sourcing Xcode officially from Apple’s U.S. servers is slow, developers in China used local sites for downloading it. Taking advantage of this, hackers slipped the spurious version in among the authentic versions of Xcode on the Chinese sites.
Schiller told Sina that it takes just 25 minutes in the U.S. to download Xcode, but in China, it takes three times as long. And now, Apple has decided to tackle this problem by providing an official source to developers in the People’s Republic for downloading Xcode domestically, Schiller told the Chinese publication.
No potential harm
Apple will soon release a list of 25 apps it knows are infected, Schiller said, adding that there is no evidence of the malware stealing any information from users who downloaded tainted apps. Palo Alto Networks was the first to report the App Store’s security breach, informing iOS users that 39 apps were compromised, including one used for trading stocks and banking.
WeChat, a messaging app, with more than 500 million monthly users, was also among the tainted apps. According to WeChat developer Tencent, only users running an older version of the app could potentially be affected with the malware.
On Monday, an Apple spokeswoman said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.” Historically, the App’s Store security has always been solid. Prior to this attack, only five malware-infected apps had been able to make it through the company’s testing, according to Palo Alto Networks. Presently, Apple’s App Store has more than 1.5 million apps.
