Apple suffers first large-scale cyber attack on App Store as hackers embed

It infects Apple iOS apps and was seen in App Store.

XcodeGhost potentially affects more than 500 million iOS users, primarily because messaging app WeChat is very popular in China and the Asia-Pacific region.

Tencent’s WeChat app and car-hailing app Didi Kuaidi were infected by the attack, saying bothhave since fixed the problem, Bloomberg reported.

This is the first time ever that such an attack on the App Store has been witnessed wherein presence of multiple malicious software programs has been identified.

Apple spokeswoman Christine Monaghan told Reuters that the company has removed the apps that it knows were created using the counterfeit software.

Apple said the hackers had embedded a malicious code into the apps by persuading developers to use a counterfeit version of the firm’s own software. Prior to the current attack, there werejust about five instances of malicious apps entering the Apple App Store.

This version, according to researchers, was possibly downloaded from an unofficial server in China rather than that of a trusted source and can give the attacker access to the users’ clipboard, prompt fake phishing dialogs and open URLs, according to Palo Alto Networks. It seems that someone had successfully tricked developers into downloading a compromised version of Apple’s developer tool kit, which upon use managed to sneak the malicious code into the app which was then unwittingly posted onto the iTunes App Store.

Qihoo 360, a Chinese security firm, said it had found 344 apps affected by Xcode Ghost.

It added that an initial investigation showed that no data theft or leakage of user information had occurred.

Apple has been always perceived to have set a greater degree of security measures and policies when it comes to app publishers on App Store.

Olson said that even in this case, hackers did not crack Apple’s software.

Affected apps include WeChat, CamCard and a Chinese smart cab service, The Verge reported.

iOS users should immediately uninstall any infected iOS app listed here on their devices, or update to a newer version that has removed the malware.

View the original content and more from this author here: http://ift.tt/1L7R99Z

from hacker samurai http://ift.tt/1MKAMAj
via IFTTT

OPM Hackers Took 5.6 Million Sets of Fingerprints

Hackers who stole personnel data on millions of U.S. federal employees got away with more fingerprint images than originally thought, according to the government agency hit by the massive cyber attack.

In a statement Wednesday, the Office of Personnel Management said further investigation revealed that 5.6 million fingerprint records were stolen in the attack, or more than five times as many as first thought.

The attack, first discovered earlier this year, affected nearly 22 million current and former federal workers, job applicants, and their families.

U.S. investigators have told reporters privately they believe the Chinese government is responsible for the breach, but officials have not yet made this accusation publicly.

President Barack Obama is expected to prominently raise the issue of cyber attacks when he meets Chinese President Xi Jinping at the White House for a state visit later this week.

The Obama administration says cyber attacks, particularly Beijing’s alleged theft of commercial secrets, have become a major irritant to U.S.-China ties.

However, White House officials have been more reluctant to bring up the OPM attack, which is seen as a more classic case of government espionage.

If the Chinese government did carry out the breach, it is not clear how exactly it intends to use the federal worker data. U.S. officials say they have no evidence the information has been abused so far.

Federal experts also believe that, “as of now, the ability to misuse fingerprint data is limited,” according to the OPM statement. “However, this probability could change over time as technology evolves,” it said.

The OPM says an interagency working group, including the FBI, Department of Defense, and Department of Homeland Security, has been set up to “review the potential ways adversaries could misuse fingerprint data now and in the future.”

The revelation could particularly put at risk any U.S. intelligence officers or contractors working covertly overseas whose prints have been taken.

The U.S. has blamed China for a series of high-profile cyber attacks on U.S. government and business entities in recent years. China has strongly denied all the allegations.

View the original content and more from this author here: http://ift.tt/1KwuLU7

from hacker samurai http://ift.tt/1Vc4nlf
via IFTTT

Apple suffers first large-scale cyber attack on App Store as hackers embed | hacker samurai

from Hacker Samurai http://ift.tt/1MKAMAj
via IFTTT

OPM Hackers Took 5.6 Million Sets of Fingerprints | hacker samurai

from Hacker Samurai http://ift.tt/1Vc4nlf
via IFTTT

Terry Gilliam Campaigns to Take Assange Case to European Human Rights Court | hacker samurai

from Hacker Samurai http://ift.tt/1j9cPWI
via IFTTT

iOS 9 Virus: XcodeGhost Malware Infecting WeChat And 50 iOS Apps For Multiple Versions | hacker...

from Hacker Samurai http://ift.tt/1j9cQtz
via IFTTT

Internet.org collaborates with smartwatch hackers to support pregnant women in developing...

from Hacker Samurai http://ift.tt/1gMzjeb
via IFTTT