正确的提示信息

扫码打开虎嗅APP

从思考到创造
打开APP
搜索历史
删除
完成
全部删除
热搜词
2015-09-22 17:58

XcodeGhost is haunting China

Not long ago, when Tencent Security Response Center (TSRC) was fixing a bug, it found that some apps were sending user information to certain domain. TSRC reported this problem to CNCERT, China’s national internet security response center, and CNCERT released a warning.


It turned out that some app developers did not download Xcode package from official providers, but from internet. Unofficial Xcode package was implanted some malicious codes, and then become a new OS X and iOS malware. Alibaba researchers then posted an analysis report on the malware, giving it the name XcodeGhost.


XcodeGhost infected many popular apps including WeChat, Didi Chuxing and Highmoralmap. WeChat then issued a notification that the newest WeChat version has already solved this problem, and there is no reported loss so far. Following notification by Palo Alto Networks of malicious files hosted on their file sharing services, Baidu has removed all of the files.


On September 19th, a day after this event stirred China’s social media, a man claimed to be the writer of XcodeGhost appeared on the Internet, and said XcodeGhost was only an experiment of his. He said he has already deleted all data and shut down the server. XcodeGhost would not cause further damage to users, according to the writer.


However, Chinese users are still angry and panic at the same time. Apple Inc. has not responded to this event yet.

本内容为作者独立观点,不代表虎嗅立场。未经允许不得转载,授权事宜请联系 hezuo@huxiu.com
如对本稿件有异议或投诉,请联系tougao@huxiu.com
打开虎嗅APP,查看全文

大 家 都 在 看

大 家 都 在 搜

好的内容,值得赞赏

您的赞赏金额会直接进入作者的虎嗅账号

    自定义
    支付: