多个苹果APP感染恶意代码
英语课
Reporter:
Over 350 iOS apps have been affected 1 by the hacking 3, including the widly used baidu music, wechat, and ride-haling didi.
Experts say this attack is so secret that it escaped apple's vetting 4 process.
The hack 2 hinges around Xcode, a tool used to create apps for iOS.
The problem starts when some programmers don't use the Xcode program officially supplied by Apple Inc.
Instead, they downloaded Xcode program through other channels, in which has been implanted malicious 5 code.
Cai Jingjing is from the Expert Committee of the National Vulnerability Database of Information Security.
多个苹果APP感染恶意代码
He says apps constructed with the verified Xcode may be infected with malware.
"We wrote several simple codes with the infected Xcode, like hello world, and then compiled them into a program. A reverse analysis of the program shows the program is implanted with malicious code."
Cai says once apps developed from the verified Xcode are downloaded into the phone, they will collect the phone's information, such as the name of the device, the network type, and its location.
These private information will then be uploaded to a designated website.
On early Saturday morning, an indentified programmer claimed responsibility for the incident.
He made clarification online, justifying 6 his actions as just an experiment, with no aim to spread a virus.
However, Lin Wei, phone security expert, doesn't believe what the programmer says, and suspects him of using the malicious codes for commercial uses.
"We found on September 10 that a massive amount of users had been affected by an app that's very popular domestically. It had been programed with malicious code, and the data had been sent back to the main engine of the virus attacker and finally led to its collapse 7. The programmer was a littler fearful, and deleted and withdrew the code."
The case is under further investigation 8.
Apple has asked affected programmers to withdrew their infected Apps, and advised them to re-program with official Xcode.
So far, no financial losses have been reported.
Experts suggest iPhone users check their apps and delete infected apps, or at least download the latest version. Meanwhile, users are advised to change their passwords for the App Store and for iCloud.
For CRI, this is Sophie Williams .
adj.不自然的,假装的
- She showed an affected interest in our subject.她假装对我们的课题感到兴趣。
- His manners are affected.他的态度不自然。
n.劈,砍,出租马车;v.劈,砍,干咳
- He made a hack at the log.他朝圆木上砍了一下。
- Early settlers had to hack out a clearing in the forest where they could grow crops.早期移民不得不在森林里劈出空地种庄稼。
n.非法访问计算机系统和数据库的活动
- The patient with emphysema is hacking all day. 这个肺气肿病人整天不断地干咳。
- We undertook the task of hacking our way through the jungle. 我们负责在丛林中开路。
n.数据检查[核对,核实]v.审查(某人过去的记录、资格等)( vet的现在分词 );调查;检查;诊疗
- Scripts had to be submitted to Ministry of Information officials for vetting. 必须把脚本提交给信息部官员审查。 来自互联网
- Their purpose in clicking deeper into a site is one of vetting. 他们深入点击网站的目的是一种诊疗。 来自互联网
adj.有恶意的,心怀恶意的
- You ought to kick back at such malicious slander. 你应当反击这种恶毒的污蔑。
- Their talk was slightly malicious.他们的谈话有点儿心怀不轨。
证明…有理( justify的现在分词 ); 为…辩护; 对…作出解释; 为…辩解(或辩护)
- He admitted it without justifying it. 他不加辩解地承认这个想法。
- The fellow-travellers'service usually consisted of justifying all the tergiversations of Soviet intenal and foreign policy. 同路人的服务通常包括对苏联国内外政策中一切互相矛盾之处进行辩护。
vi.累倒;昏倒;倒塌;塌陷
- The country's economy is on the verge of collapse.国家的经济已到了崩溃的边缘。
- The engineer made a complete diagnosis of the bridge's collapse.工程师对桥的倒塌做了一次彻底的调查分析。
n.调查,调查研究
- In an investigation,a new fact became known, which told against him.在调查中新发现了一件对他不利的事实。
- He drew the conclusion by building on his own investigation.他根据自己的调查研究作出结论。
标签:
APP