It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Apple's App Store in China infected with CIA code?
page: 13
share:
Another hacking story makes the news, this one with a bit of a twist.
Apple's App Store infected with XcodeGhost malware in China
Interesting stuff, but it says nothing about the CIA, right? Well here comes the bit of a twist...
About six months ago I read an article on Glenn Greenwald's theIntercept about the activities of the CIA -
ispy - cia campaign to steal apples secrets
So, now we know how intelligence agencies would get developers to use the poisoned version of xcode - post links on the internet.
The exact thing the CIA was attempting to do appeared online around the same time that the article was released. And it just happens to have been targeting a country that Washington doesn't like.
Make of that what you will.
OH
More info:
Malware XcodeGhost Infects 39 iOS Apps, Including WeChat, Affecting Hundreds of Millions of Users
Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store
Update: XcodeGhost Attacker Can Phish Passwords and Open URLs through Infected Apps
Apple's App Store infected with XcodeGhost malware in China
Apple's App Store infected with XcodeGhost malware in China Apple has said it is taking steps to remove malicious code added to a number of apps commonly used on iPhones and iPads in China.
It is thought to be the first large-scale attack on Apple's App Store.
The hackers created a counterfeit version of Apple's software for building iOS apps, which they persuaded developers to download. Apps compiled using the tool allow the attackers to steal data about users and send it to servers they control.
Cybersecurity firm Palo Alto Networks - which has analysed the malware dubbed 'XcodeGhost'
Developers targeted
The malware was initially flagged by researchers at the Chinese e-commerce firm Alibaba.
It discovered that the hackers had uploaded several altered versions of Xcode - a tool used to build iOS apps - to a Chinese cloud storage service.
Then, about six months ago, the attackers posted links to the software on several forums commonly visited by Chinese developers.
Interesting stuff, but it says nothing about the CIA, right? Well here comes the bit of a twist...
About six months ago I read an article on Glenn Greenwald's theIntercept about the activities of the CIA -
ispy - cia campaign to steal apples secrets
RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,”...
The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool.
The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices.
Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.”
It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.
So, now we know how intelligence agencies would get developers to use the poisoned version of xcode - post links on the internet.
The exact thing the CIA was attempting to do appeared online around the same time that the article was released. And it just happens to have been targeting a country that Washington doesn't like.
Make of that what you will.
OH
More info:
Malware XcodeGhost Infects 39 iOS Apps, Including WeChat, Affecting Hundreds of Millions of Users
Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store
Update: XcodeGhost Attacker Can Phish Passwords and Open URLs through Infected Apps
edit on 21-9-2015 by OratoryHeist because: extra links to
Palo Alto Networks
I don't get it? If the CIA wants to break Apple's encryption, why don't they ask the NSA?
I operate under the assumption that any encryption (with enough money and resources) can be broken. I would never fool myself into believing anything digital is ever truly "secure".
I operate under the assumption that any encryption (with enough money and resources) can be broken. I would never fool myself into believing anything digital is ever truly "secure".
edit on 21-9-2015 by MystikMushroom because: (no reason given)
originally posted by: MystikMushroom
I don't get it? If the CIA wants to break Apple's encryption, why don't they ask the NSA?
I operate under the assumption that any encryption (with enough money and resources) can be broken. I would never fool myself into believing anything digital is ever truly "secure".
You must read quickly.
Have a read thru the articles. The modification of Xcode does more than break encryption. It allows various bits of information to be collected from the device and then it sends that information to a command and control server.
Since the attack was in China.
It sounds more like the hackers were interested in getting logins from the chinese.
And I wouldn't put it past the Chinese government being behind this either. Getting logins in order to fish out dissenters.
It sounds more like the hackers were interested in getting logins from the chinese.
And I wouldn't put it past the Chinese government being behind this either. Getting logins in order to fish out dissenters.
originally posted by: MystikMushroom
I don't get it? If the CIA wants to break Apple's encryption, why don't they ask the NSA?
I operate under the assumption that any encryption (with enough money and resources) can be broken. I would never fool myself into believing anything digital is ever truly "secure".
Well, if you want to keep decrypting apple's stuff, all you would have to do is let apple and its users think they can't decrypt the information and that's why they are making it public and throwing money at it. It's a disinformation game.
Cheers - Dave
Another hacking story makes the news, this one with a bit of a twist.
What one has to bear in mind at all times with stories about who is and who isnt corrupting code, putting back doors in etc and etc in China, is that the problem would never have arisin all had the US not offshored Americian jobs to China during the 1970's and 80's.
Some may recall that super secret object came down in Iran and it was widely suspected that China put a back door into the componetery and borught it down in Iran who poomtly handed it back to the Chinese.
Because the US offshored Americian industry to china, they have noone bar themselves to blame for such events. This is occuring because of there very short sighght approach to policy just like it is in other areas.
The US is merely reaping what it sowed, nothing less.
Apple's App Store infected with XcodeGhost malware in China[/url]
What one has to bear in mind at all times with stories about who is and who isnt corrupting code, putting back doors in etc and etc in China, is that the problem would never have arisin all had the US not offshored Americian jobs to China during the 1970's and 80's.
Some may recall that super secret object came down in Iran and it was widely suspected that China put a back door into the componetery and borught it down in Iran who poomtly handed it back to the Chinese.
Because the US offshored Americian industry to china, they have noone bar themselves to blame for such events. This is occuring because of there very short sighght approach to policy just like it is in other areas.
The US is merely reaping what it sowed, nothing less.
The article is 3 years old. It is just as likely that chinese hackers read the article and had the means to pull itoff.
I doubt the cia would have benefited from rogue hackers getting their job done. I mean, it's apple anyway. what are you gonna get. someones snapchat and zello records. if they wanted the real meat, they'd go after android.
I doubt the cia would have benefited from rogue hackers getting their job done. I mean, it's apple anyway. what are you gonna get. someones snapchat and zello records. if they wanted the real meat, they'd go after android.
I just think it's foolish to believe any electronic method of communication is secure, ever.
new topics
-
God's Righteousness is Greater than Our Wrath
Religion, Faith, And Theology: 2 hours ago -
Electrical tricks for saving money
Education and Media: 5 hours ago -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 6 hours ago -
Sunak spinning the sickness figures
Other Current Events: 7 hours ago -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 7 hours ago -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 9 hours ago -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest: 11 hours ago
top topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 6 hours ago, 9 flags -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 17 hours ago, 8 flags -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest: 11 hours ago, 8 flags -
Electrical tricks for saving money
Education and Media: 5 hours ago, 4 flags -
Bobiverse
Fantasy & Science Fiction: 17 hours ago, 3 flags -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three: 15 hours ago, 3 flags -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 7 hours ago, 3 flags -
Sunak spinning the sickness figures
Other Current Events: 7 hours ago, 3 flags -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 9 hours ago, 2 flags -
The Good News According to Jesus - Episode 1
Religion, Faith, And Theology: 12 hours ago, 1 flags
active topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 40 • : ThatSmellsStrange -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest • 20 • : Asher47 -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 12 • : Asher47 -
Electrical tricks for saving money
Education and Media • 4 • : Lumenari -
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 54 • : Ophiuchus1 -
DONALD J. TRUMP - 2024 Candidate for President - His Communications to Americans and the World.
2024 Elections • 514 • : WeMustCare -
The Acronym Game .. Pt.3
General Chit Chat • 7744 • : bally001 -
Truth Social goes public, be careful not to lose your money
Mainstream News • 128 • : Astyanax -
Sunak spinning the sickness figures
Other Current Events • 5 • : glen200376 -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 44 • : MikeDeGrasseTyson
3