Apple confirmed a malicious code was inserted into apps using developers tools on Sunday, September 20, 2015.
Copied and altered versions of the developer program Xcode loaded on Chinese servers owned by Baidu, were used to insert malicious code into apps.
About 40 Chinese popular apps were affected with the malicious code or malware discovered. The Palo Alto Networks security company continues to assess the damage possibly affecting millions of users using the apps.
Ryan Olsen, leads a threat research team Palo Alto Networks said “Apple has been extremely successful at keeping malware out of the App Store.”
Effects of the malicious code in apps can be used as pop-up screens that can ask security questions and personal information that can then be sent back to the alternate servers and accessed by the creators of the malicious apps. Most apps loaded into the iOS devices could go unquestioned since most Apple’s apps are thought to be secure.
Researchers noted only most recent apps created with the counterfeit version of Xcode were affected.
Hackers were unable to crack Apple’s software having high-level security. Websites discovered receiving stolen information have been shut down according to researchers.
Source: New York Times