[E208]Apple’s iOS app store hit with first major malware attack

Apple is involved in a massive cleanup of its iOS App Store to remove malicious[ 恶意的；恶毒的；蓄意的；怀恨的] software which has infected[被感染的] numerous[许多的，很多的] iPhone and iPad programs, according to reports. The malware[恶意软件], dubbed[被称为的；译制的] XcodeGhost, was discovered by several cyber security companies, which found it embedded[嵌入式的；植入的；内含的] in hundreds of legitimate[合法的；正当的；合理的；正统的] apps. It is the first reported case of large numbers of malicious[ 恶意的；恶毒的；蓄意的；怀恨的] software programs making their way past Apple’s stringent[严厉的；迫切的；银根紧的] app review process. Before this attack, just five malicious[ 恶意的；恶毒的；蓄意的；怀恨的] apps had ever been found in the app store, according to Palo Alto Networks Inc.

We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.

Apple spokeswoman Christine Monaghan

The hackers embedded[嵌入式的；植入的；内含的] the malicious[ 恶意的；恶毒的；蓄意的；怀恨的] code in these apps by convincing[使相信；使明白] developers of legitimate software to use a tainted[污染的；感染的], counterfeit[赝品；冒牌货；伪造品] version of Apple’s software for creating iOS and Mac apps, which is known as Xcode, Apple said. Palo Alto Networks director of threat intelligence[威胁情报] Ryan Olson said the malware[恶意软件] had limited functionality[有限的功能] and his firm had uncovered no examples of data theft[数据盗窃,资料窃取,数据窃取] or other harm as a result of the attack. Still, he said it was “a pretty big deal” because it showed the app store could be compromised if hackers infected the machines of software developers writing legitimate apps. Other attackers may copy that approach, which is hard to defend against[防卫，保卫；抵抗], he said.