Protect yourself from massive iOS security breach | Cult of Mac

Protect yourself from massive iOS security breach

By

False versions of Xcode may have gotten into your apps; here's how to fix the problem.
False versions of Xcode may have gotten into your apps; here's how to fix the problem.
Photo: Apple

Apple has now been affected by the worst security snafu in iOS history when it found that hundreds of apps, mostly in the Chinese App Store, have malicious code in them, called “XcodeGhost.”

Apple’s pulled the affected apps from the App Store to contain the security breach, but you’ll still need to take a few more steps to make sure your iOS devices aren’t affected. Here’s what you need to do.

The otherwise legit apps were infected by developers who used a counterfeit version of Xcode from Chinese file-sharing service, Baidu, since it was faster to download than the official Apple version of Xcode. Doing so, however, caused the bad code to proliferate and cause this massive iOS security breach.

Since Apple doesn’t allow access to any API’s that a security company would need to know whether malicious code was in any installed apps, says mobile security firm Lookout, you have to protect yourself manually.

  • First off, keep an eye out for any odd dialogue boxes that show up on your screen. Don’t enter any information without being sure of the source.
  • If you’re running any of the affected apps — full list here — delete them and wait for a developer patch.
  • If any of the listed apps is on your iPhone or iPad, change your Apple account password and be wary of any phishing attempts to get it.

Source: Lookout