Hackers have pre-loaded their malware into mirrors of Xcode, Apple’s IDE for creating iOS and Mac OS X apps. Normally, developers download the Xcode development tools directly from Apple. There are, however, alternative download sites that serve mirrors of the IDE. Some of these mirrors are the original copy plus some small modifications that the users downloading them don’t know about, so apps built with them carry the malware. Known infected applications include WinZip, PDF Reader, CamCard, Pocket Scanner and many other titles that are usually seen in the China App Store. Apple is currently working with Palo Alto Networks to help mitigate the issue.
Infected devices allow the owners of the malware to find them and get specific data about them. To make things worse, the malware tries to access iCloud credentials. One would think that users are safe thanks to Apple’s rigorous application review process, but they are not. Apple’s checks do prove to be better than the security checks run by the Android Play Store team, but this sort of tactic, injecting malware into applications built by various trusted developers, managed to elude Apple’s last security fence.