Apple keeps on trying to make their App Store free from malware apps. Ever since they launched the App Store, they always review every single app before it is approved, related to the app quality and capability, its security, and more. For years, the App Store is well-known for the apps quality and security, but over the last two months, the researchers have found thousands of apps that could have potentially stole the data from iOS devices. While the apps were not stealing data, security experts said it would have been trivial for attackers to configure them to do so.
This thing makes the enterprise worry, because their iPhone’s data and password or the other iOS devices can be stolen easily through malware apps. Their concern based on the latest data from the researcher company, like it was reported on Wednesday, FireEye said it discovered 2,800 apps in the U.S, and Chinese versions of the App Store that contained a potentially malicious code library used to deliver advertisements. In mid-September, Palo Alto Networks found 39 apps that contained a modified version of Apple’s Xcode development tool, better-known as the XcodeGhost. The mobile security company Appthority found 476 apps infected with XcodeGhost. Then FireEye said the problem was much worse: it uncovered 4,000 apps containing XcodeGhost. Currently, the infected applications act as malware and only show the ads, but like it was mentioned before, it can be worse if the security hole keeps opening.
The larger question is how the apps were able to bypass Apple’s review. Claud Xiao, a security researcher at Palo Alto Networks, said how Apple reviews apps for security is largely a mystery. This issue needs a serious attention from Apple, especially during the review process, so they can be able to detect these malware apps better. The hackers will keep trying to upgrade their malicious code, so it will more difficult for Apple. We hope Apple can face the challenge to keep App Store malware-free.
Source: PC World