Daily Archives: September 22, 2015

Malware on the (Chinese) App Store

Here is a comment I wrote regarding the recent discover of apps containing malware on the Chinese App Store.

1. This is the first such event in over 7 years (and Billions of downloads) of the App Store’s existence, unlike the almost daily occurrence on other platforms.

2. You correctly didn’t echo the false and sensationalized comments of an “attack” on the App Store, as there was no attack.

3. This was limited to Chinese developers circumventing several Apple safeguards. Not that Apple shouldn’t be able to (ultimately) catch this, and they did, but developers should know better than to turn off Gatekeeper, download Xcode from unauthorized servers, and then not check it’s authenticity. Any of these measures would have prevented such an occurrence.

4. Not making excuses but given the security measures within the iOS environment, these apps did virtually no damage. Here’s a quote: Palo Alto Networks Director of Threat Intelligence Ryan Olson claims the impact was likely negligible, with no reports data theft, or “other harm.”