Science and Tech

Actions

Apple iOS Hack Sours Company's Hacker-Proof Image

Apple's seemingly squeaky-clean reputation for secure software might be tainted after a massive breach affected millions of users in China.
Posted
and last updated

It was a bad weekend for Apple. A major security breach potentially exposed the personal information of millions who downloaded apps from the Chinese App Store. (Video via Apple)

At least 31 of the Chinese store's more popular apps were affected, including Rovio's "Angry Birds 2." Hackers used an altered version of Xcode, which is Apple's development software, to infiltrate legitimate developers' apps. (Video via Apple)

It's believed only Chinese developers were duped because they downloaded the program from local servers instead of Apple's servers. Normally, downloading a full copy of Xcode from Apple — while in China — takes a really long time.

The cybersecurity company Palo Alto Networks writes that the fake Xcode software, called XcodeGhost, sends information about devices back to hackers. The malware also adds code to apps which allows those hackers to prompt fake alerts asking for credentials, to hijack opening URLs, and to read and write data in a device's clipboard.

Tech experts have long regarded Apple's iOS as one of the most secure operating systems in the game. This is, in part, due to strict safety checks developers must pass before apps can be published to the store.

Apple also protects users by regularly pushing out iOS updates and urging customers to download them sooner rather than later.

Normally when apps are infiltrated, the hack is done on the users' end — which makes this case unusual.

Apple has removed the affected apps from the store.

This video includes images from Getty Images.