Apple App Store – Is It Still a Safe Haven?

One of the most trusted tech giants Apple has recently experienced a cyber attack that affected Apple Store apps used on both iPhones and iPads in China.

Hackers created a genuine looking fake version of Apple’s software for building iOS and MAC apps, Xcode. App developers were a main target for the hackers – by downloading legitimately looking software programs, they allowed the cyber criminals to get access to sensitive user information. Hackers also sent fake alerts to users asking them to enter their passwords that were then automatically forwarded to the system used by cyber criminals.

Although there is no data suggesting a leak of such information so far, the record of a cyber attack looks embarrassing given Apple’s successful history of keeping the App Store malware free. Although it may not affect its profits a lot, it does not add value to its reputation either.

The attack on Apple’s App Store shows that cyber attacks are becoming ever more sophisticated. This was the first major attack on the App Store. Whilst before the App Store had been considered as a “safe haven”, especially in comparison to, say, Google’s Play Store, we doubt it still qualifies as such. In this particular case, app developers did not see anything suspicious about the counterfeit software. What’s most worrying is Apple’s quality testers did not detect the threat in the second stage process. 

Apple says that it is cleaning up its iOS App Store to get rid of any malicious programs. Moreover, it revealed that the malwareis called XcodeGhost. However, it did not share the information on how many apps it had uncovered so far, and how many more they expect to find. According to the Chinese security company Qihoo360 Technology, 344 apps containing XcodeGhost were uncovered. The Uber-like-car-hailing app, as well as the popular WeChat, are amongst those.

The example above and other recent news show that app developers have been extensively targeted by cyber criminals. If hackers manage to trick developers and tech giants’ app quality testers, how hard would it be to breach into your organisation’s system?

We are confident in saying that this is sort of question we can help you to answer. If you have any IT security concerns, Commissum are happy to have a no obligation expert chat. Get in touch: give us a call at 01316252737 or submit your enquiry here.