What Is The Malware That Hit Apple. And How To Debunk It

For the first time a virus has hit the Apple ecosystem, which until now had never been breached: on September 17th, 85 apps on the Apple Store were infected with malware, malicious software that, generating pop-ups and false requests for information, is in

Among these are also some widely distributed apps, such as Angry Birds 2 and WeChat, which in China (apparently the point from which the virus spread) has over 500 million users.

What happened?

The analysts of Palo Alto Networks, a cybersecurity company, found the breach and revealed it. The cause has been identified: a corrupted version of Xcode (called XcodeGhost), put into circulation by some crackers (hackers with bad intentions), that developers mistakenly used to build their apps.

Xcode is a key piece of software for developing applications for iOS, the mobile operating system of Apple's iPhone and iPad. It is usually downloaded directly from Apple's website, but some programmers download it from unofficial sources, for example to get it faster (downloading from Apple's servers can take a very long time). In this case the corrupted version of Xcode was downloaded from Baidu's file-sharing site in China.
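For developers, the practical check against a tampered Xcode is to ask macOS Gatekeeper who signed the copy before building with it. The script below is an added example, not part of the original article or of Palo Alto Networks' advice; it assumes a macOS machine with the standard spctl tool, and the accepted source names are the ones Apple documents for genuine Xcode copies.

```shell
#!/bin/sh
# Added example: refuse to build with an Xcode bundle unless Gatekeeper
# accepts it AND reports Apple as the signing source.

# classify_spctl_output OUTPUT
# Returns 0 only for "accepted" verdicts whose source is one Apple lists
# for genuine Xcode (Mac App Store, Apple, Apple System). A bundle signed
# by any other developer is also "accepted" by Gatekeeper, so the verdict
# alone is not enough.
classify_spctl_output() {
    out=$1
    case $out in
        *": accepted"*) ;;
        *) return 1 ;;
    esac
    # spctl prints "source=..." on its own line; some write-ups show it on
    # the same line as the verdict, so strip everything up to "source=".
    src=$(printf '%s\n' "$out" | sed -n 's/.*source=//p' | head -n 1)
    case $src in
        "Mac App Store"|"Apple"|"Apple System") return 0 ;;
        *) return 1 ;;
    esac
}

# verify_xcode [PATH]  (default path is an assumption: the usual install location)
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    command -v spctl >/dev/null 2>&1 || {
        echo "spctl not found (this check only works on macOS)" >&2
        return 2
    }
    # spctl writes its verdict to stderr, so capture both streams.
    out=$(spctl --assess --verbose "$app" 2>&1) || true
    if classify_spctl_output "$out"; then
        echo "OK: $app is signed by Apple"
    else
        echo "DO NOT USE: $app failed verification" >&2
        printf '%s\n' "$out" >&2
        return 1
    fi
}

# Run the check only when a bundle path is given on the command line.
if [ "$#" -gt 0 ]; then
    verify_xcode "$1"
fi
```

Gatekeeper must be enabled for the verdict to mean anything, and a copy that fails should be deleted and downloaded again from Apple.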

In fact, the damage caused by the virus does not seem to be significant, but Apple has the problem of how to stem any other attacks that come through software built by third-party developers, who are not under the direct control of the company.


Computer Pirates: 8 attack techniques

44% of Italian computers are attacked during web browsing: this is what emerges from the Clusit 2013 report on computer security. Our country would be the first in Europe by number of intrusion attempts, while in last place in this reverse ranking are the Danes, with attacks on 20% of their web users.

According to the study, this is because we are particularly unwary and careless about protecting our so-called sensitive data, and in this way information, PINs and passwords fall into the hands of others. And it seems that all this costs the country 10-15 billion euros a year, between direct damage to individuals and companies, time, and the costs of complaints and investigations.

What are the most common attacks? Malicious actors and pirates have several intrusion techniques available. The banal – and very frequent! – access to the contents of a computer left on in the evening or during the lunch break, and excluding the theft of wallets and mobile phones where we have unwisely noted the ATM PIN and the password

While we are surfing the internet, even on a tablet or smartphone, we end up on a link behind which there is a fraudulent program that will allow the hacker to enter our computer. Just one click is enough to activate it.

The solution: a good antivirus (there are also excellent free ones). And the golden rule of “not accepting candy from strangers” always applies, so it is better to avoid suspicious sites and links.

Malicious code (malware) has been inserted into the pages of a site we trust; it will, for example, ensure that the data sent, such as what is typed in the username and password boxes of a web page, come

The solution: update your browser. The new versions have a shield against this type of attack.

It is a very widespread and relatively easy espionage technique: the pirate gathers information about us via the Internet, taking advantage of the traces we leave on social networks. And then he uses it to obtain passwords and other sensitive data.

The solution: use different nicknames and passwords for the various sites you visit. And leave as little personal information as possible in registration forms and online documents.

It is a devious technique that, when you click on a link to a known site, redirects navigation to a fraudulent “clone” site, without your being able to recognize it as false.

The solution: firewalls and antivirus programs (including free ones) can help. But you also need to check that the site where sensitive data is entered, such as your credit card number, has a security certificate (if it is missing, this is usually reported by firewalls and browsers) or uses the https protocol (http secure) instead of

It arrives as an email from a company or institution that really exists (the bank, your preferred social network, the credit card provider etc.) that invites us to click on a link and then enter username and password. But it’s a fake, skilfully built to trick us into handing over our data.

The solution: no bank (nor the Post Office) will ever ask us by email to open a site and enter our password! As for social networks, you have to pay attention to the address that opens when you click the link in the email: it may differ from the original by a single letter.

Indicates the ability to deduce information from what you learn. In this case, pirates do not need malware to get into our computer and collect the data they want. To get dates of birth and other information that helps in obtaining a password, it is enough to observe us and study our behavior. The boldest ones also go as far as rummaging through the trash, that is, among the documents that ended up in the trash and that remain recoverable for a while even after the trash has been emptied.

The solution: almost all antivirus programs (even many of the free ones) and computer management and optimization software allow you to carry out a “deep deletion” of the documents to be thrown away and of what could still be recovered from the trash. And it is best to avoid sharing too many confidences with people known only online.

It consists of faking your identity: it ranges from faking your IP address (to join a computer network) to faking a phone number in order to send misleading messages (SMS spoofing).

The solution: an updated firewall and common sense can help against spoofing, which remains one of the most dangerous intrusion techniques.

The malware is located on a USB stick (or another similar device): once the flash drive is inserted into the computer, the malicious software starts and allows the pirate to poke his nose into our business, entirely without our knowledge.

The solution: before connecting a device (keys, disks, memories) it is better to ensure that the antivirus is updated.

What did Apple say?

Apple immediately announced that it was aware of the problem. In an email sent to Reuters, spokesperson Christine Monaghan explained: “To protect our customers we have removed from the Apple Store apps that we know have inside the corrupt software and we are working with developers to ensure

Apple has deleted over 300 apps, although the infected apps seem to be only 85.

How to remedy the infection?

A premise: it is unlikely that Italian iPhones are involved in the attack. The American company has not issued an official statement on what to do to protect devices; however, the experts of Palo Alto Networks recommend some procedures to avoid problems.

1 – Change the password of your personal Apple account, the one used to access iTunes and the Apple Store and to make purchases. Adding two-factor authentication would make it even safer.

2 – Update all infected apps for iPhone and iPad: the companies that develop them have uploaded versions with the correct code to the App Store.

3 – Do not respond to requests for information (personal data, login, password) coming from any alerts, pop-ups and dialogs connected to the 85 apps. And in general, always be careful about these requests, even those that arrive by email.

How does XcodeGhost put iOS devices at risk?

Applications infected with the XcodeGhost malware can collect information about the device, encrypt it and send it over the HTTP protocol to the attackers’ servers.

The information collected includes, among other things:

- Current time
- Name of the infected app
- Device type and name
- Language and country
- The device's universally unique identifier (UUID)

Infected apps may also receive commands to perform certain operations, including:

- Showing a fake credential request pop-up for phishing
- Reading and writing data to the system’s clipboard; this aspect is particularly disturbing and dangerous because the clipboard is used by password management software to copy and paste credentials. In these cases, having access to the clipboard is like having access to all passwords.
