A month ago, more than 20 mobile apps infected with a malware called XcodeGhost (as initially reported by Palo Alto Networks) made their way to Apple’s App Store. Of course, the iPhone maker had no choice but to take some measures to ensure security. A few days ago, Apple proceeded to deleting a number of mobile apps completely from its store after they were found to be potentially intrusive to the privacy of mobile users.
The said mobile apps mainly make use of ad blocker functionalities, made possible via the incorporation of root certificates, which facilitate in app protection against advertisements. But unfortunately, such functionalities also let several third parties gain unpermitted access to the mobile user’s private data.
A spokesperson for Apple has confirmed that the tech giant has indeed removed several mobile apps from the App Store that install root certificates which allows the monitoring of customer network data that can in turn be exploited by third parties in order to compromise SSL/TLS security measures. The company is now coordinating closely with developers in trying to reinstate their mobile apps back on the App Store, while continuing to make sure that customer privacy and security remain uncompromised.
All things considered, it is certainly a wise move for Apple. Three weeks ago, more than a couple of dozen infected China made mobile apps found their way into the company’s App Store. These apps even included an older version of the immensely popular WeChat messenger mobile app. Most of these malware infected apps were made by developers who did not know that they were incorporating XcodeGhost, an illegitimate version of Xcode, the program which is used to develop mobile apps for Apple’s iOS mobile operating system. Apple is usually rigid with its security measures for the App Store, but last month’s incident has proven that no system is entirely protected from external threats.
For Apple’s part, it does not hold the developers accountable for the security breach. As mentioned earlier, the company is now working with the affected developers in trying to get new, safe versions of the deleted mobile apps back into the App Store. Software that have root certificates installed are capable of monitoring a mobile user’s activity on the web, with data on their communications and even financial information being transmitted to the mobile app’s servers, where the data can be monitored by developers or network service providers.
Wirefly Is America's Most Trusted Source For All Cell Phones, Plans, TV, and Internet Deals
Wirefly offers great deals on a large selection of smartphones, cell phones, tablets, mobile hotspots, and other wireless devices for the nation's most popular carriers. Use Wirefly’s innovative cell phone and plan comparison tools to ensure you are getting the best deal on the market. Shop with confidence knowing that Wirefly wants to help you find the best prices on cell phones, cell phone plans, TV, and Internet service.