from Engadget http://ift.tt/1MwWw2g
The iOS App Store is usually a trustworthy source of software. But as hackers tend to do, they found a way to get their nefarious wares into the China version of the software supermarket. By using altered versions of Apple’ development tool Xcode they were able to slip malware into apps being built by unaware devs. The problem started when developers downloaded altered versions of Xcode (named "XcodeGhost" Alibab researchers) from third-party sites. When apps built with the modified compiler are launched, they collect the phone’s name, UUID, language and country, current time and network type. That data is then encrypted and sent to servers. Not a huge breach, but no one wants to be tracked by unknown sources.
The bigger issue is that these apps made it into Apple’s App Store in China. While only a handful of apps have gotten past Apple’s strict security, all it takes is one app with an aggressive piece of malware to destroy the trust customers have put in Apple. Fortunately, the apps have only been seen in the App Store in China.
Also, developers shouldn’t be downloading their tools from random third-party sites. Just a thought.
Apple has not responded to requests for comment about XcodeGhost and the infected apps.
Source: Palo Alto Networks