Apple s got a couple of security issues on its plate: The company has had to pull apps from its App Store after a malware discovery. And someone s offering a $1 million bounty for hacking into iOS 9.
Apple has pulled a number of apps after a major attack on its App Store. The apps, including the popular WeChat, were embedded with malware called XcodeGhost because Chinese app developers used a third-party version of Apple s Xcode tools. Information from affected devices could be uploaded to outside servers.
A security researcher from Palo Alto Networks wrote Friday about the discovery of the problem, noting that it is the sixth time malware has made it through to Apple s App Store. The researcher, Claud Xiao, noted that some Chinese developers choose to get Apple s Xcode installer from other sources because of slow network speeds in China. Palo Alto Networks has a list of affected apps.
Meanwhile, Wired reports that a new security firm called Zerodium has offered a $1 million bounty to anyone who can hack into Apple s recently released iOS 9. The conditions, according to Wired: The terms of the offer include the demand that the bug not be reported to Apple or publicly disclosed, the better to allow Zerodium s customers to use the technique in secret.
Zerodium founder Chaouki Bekrar also founded French hacking firm Vupen, which finds flaws but doesn t report them to companies so they can be fixed. Instead, Vupen develops hacking techniques based on the bugs and then sells them to governments and other businesses.
Photo: A poster touts the many apps available for iOS users. (Associated Press)