Chinese Apple XcodeGhost Piracy
Ping!
If you want on or off the Mac Ping List, Freepmail me.
If you want on or off the Mac Ping List, Freepmail me.
WinZip Musical.ly PDFReader guaji_gangtai en Perfect365 网易云音乐 PDFReader Free WhiteTile IHexin WinZip Standard MoreLikers2 CamScanner Lite MobileTicket iVMS-4500 OPlayer Lite QYER golfsense 同花顺 ting installer 下厨房 golfsensehd Wallpapers10000 CSMBP-AppStore 礼包助手 MSL108 ChinaUnicom3.x TinyDeal.com snapgrab copy iOBD2 PocketScanner CuteCUT AmHexinForPad SuperJewelsQuest2 air2 InstaFollower CamScanner Pro baba WeLoop DataMonitor 爱推 MSL070 nice dev immtdchs OPlayer FlappyCircle 高德地图 BiaoQingBao SaveSnap WeChat Guitar Master jin WinZip Sector Quick Save CamCard v.6.5.1From the article. "Fox-IT (fox-it.com), a Netherlands based security company, checked all C2 domain names from our reports in their network sensors and has found thousands of malicious traffic outside China. According to their data, these iOS apps were also infected:"
So is this only on jail break phones or is it on a normal iPhone? No way can this be on normal iPhone right? No way could Apple screw up this bad.
By the way, the severity of this particular exploit is low. The malware encrypts and uploads the following:
- Current time
- Current infected app’s name
- The app’s bundle identifier
- Current device’s name and type
- Current system’s language and country
- Current device’s UUID
- Network type
It looks a lot more like a proof-of-concept than serious malware.
Reminder, developers - be careful where you get your development tools! (At least the idiots in China who downloaded this should have made sure the checksums matched!)