If you’re an iOS user, you have a really dangerous piece of malware to worry about. Called XcodeGhost, it affects stock and jailbroken iOS devices. MacRumors has a FAQ on this new threat, but here’s what you need to know:
A malicious version of Xcode was uploaded to Chinese cloud file sharing service Baidu and downloaded by some iOS developers in China.
Chinese developers then unknowingly compiled iOS apps using the modified Xcode IDE and distributed those infected apps through the App Store.
Those apps then managed to pass through Apple’s code review process, enabling iOS users to install or update the infected apps on their devices.
Lovely. There’s more:
Palo Alto Networks has shared a full list of over 50 infected iOS apps, including WeChat, NetEase Cloud Music, WinZip, Didi Chuxing, Railway 12306, China Unicom Mobile Office and Tonghuashun.
Plus there’s this:
iOS apps infected with XcodeGhost malware can and do collect information about devices and then encrypt and upload that data to command and control (C2) servers run by attackers through the HTTP protocol. The system and app information that can be collected includes:
- Current time
- Current infected app’s name
- The app’s bundle identifier
- Current device’s name and type
- Current system’s language and country
- Current device’s UUID
- Network type
Palo Alto Networks also discovered that infected iOS apps can receive commands from the attacker through the C2 server to perform the following actions:
- Prompt a fake alert dialog to phish user credentials;
- Hijack opening specific URLs based on their scheme, which could allow for exploitation of vulnerabilities in the iOS system or other iOS apps;
- Read and write data in the user’s clipboard, which could be used to read the user’s password if that password is copied from a password management tool.
So, if you have any of the apps on Palo Alto’s list, you need to uninstall them right now. Then you should reset your device password and your iCloud password. In the meantime, Apple might want to look at their code review process as these apps passed through it and got out to the world. That’s not good.
UPDATE: Reuters reports that Apple has pulled any and all apps that have this malware.








Volkswagen Caught Using Software To Cheat On Emissions Tests
Posted in Commentary with tags Volkswagen on September 20, 2015 by itnerd
If you have a Volkswagen diesel vehicle and you love the fact that you get lots of torque, great fuel economy, and fewer emissions, you might have to rethink the last part because Volkswagen is being accused by US regulators of having software that cheats on emissions tests:
The authorities ordered VW to recall 482,000 cars because of the use of so-called defeat devices — which use software to detect when the car is being tested and runs treatments to reduce nitrogen oxides. Once out on the road, the cars were discovered to produce pollutants up to 40 times the legal limits.
Lovely. Affected models include the VW Passat, Beetle and Audi A3 among others. VW has apologized for this and has halted sales of diesel cars. Not to mention removing all references to diesel products from their website. Though you can find what was removed via Google Cache where the company said this among other things:
Today’s diesel fuel is cleaner than ever. It goes by the name ULSD – Ultra Low Sulphur Diesel. Cleaner than gasoline and odourless too, when you combine its cleanliness with the clean technology integrated into the TDI Clean Diesel you’ve got an environmental idol. In fact, TDI Clean Diesels produce 90% less sooty emissions than diesel engines of old.
Clearly that’s not true. Now I could say all sorts of things about how evil VW is, and how they will deserve whatever punishment they’re about to get from the US Government. But I think that I would be focusing on the wrong thing. The question that I should be asking is how many other car companies are doing something like this?