Discovery of Malicious Code in Chinese Apps

  • #48280
    William
    Participant

    SAN FRANCISCO — Hackers have found their way into Apple’s App Store.

    Apple confirmed on Sunday that a tool used by software developers for the company’s devices was copied and modified by hackers to put bad code into apps available on the App Store.

    So far about 40 apps with malicious code, or malware, have made it into the App Store, said researchers at Palo Alto Networks, an online security company that is investigating the incident. In a blog post, the security company said the breach could potentially affect hundreds of millions of users.

    The list includes some of the most popular apps in China, like the ride-hailing app Didi Kuaidi. Many of the apps are popular elsewhere as well, like the messaging app WeChat, which has about 500 million users, and the business card scanner CamCard. The Chinese online security company Qihoo said it has found more than 300 infected apps.

    #48281
    Charlie
    Keymaster

    Pretty shocking to know that the reason why this happened is because China’s biggest tech companies (Tencent, Didi Kuaiche, etc.) were using “unofficial” copies of Xcode to compile their iOS apps.

    #48498
    Brad Gies
    Participant

    Haha.. really Charlie…. shocking?…. more like what else would you expect?

    But it is really bad that big companies would be using an SDK they downloaded from somewhere, AND Nobody thought to verify it ;).

    #48500
    Charlie
    Keymaster

    > Haha.. really Charlie…. shocking?…. more like what else would you expect?
    >
    > But it is really bad that big companies would be using an SDK they downloaded from somewhere, AND Nobody thought to verify it ;).

    It’s shocking because it’s unprecedented, it has never happened before on the App Store. It’s amazing to think that these publicly-traded companies worth billions of dollars would make a mistake so stupid: to use unofficial software to compile their apps when the real thing is freely available to them from a legitimate source. It’s not like pirating Photoshop or some expensive software, this is software that has been freely available to everyone for a few years now.
