xCode Ghost iOS malware

The “most secure” mobile operating system and app store is taking some hits.

Over the last handful of days it has been discovered that hundred and perhaps thousands of apps created for iOS and approved for the appstore may also contain trojan code inserted into libraries of a modified Apple development tool. The developers of the XcodeGhost were able to talk to affected apps without the developers’ knowledge and possibly siphon off user and device information.

For more check out Lookout’s blog: XcodeGhost Apps¬†which lists a number of confirmed affected apps and a number that may also be affected.

New “Porn App” takes pictures of users for blackmail

A new app not available from any reputable app store “Adult Player” was identified by Zscaler as: a) not delivering the porn that the user was expecting, b) stealthily taking pictures of the user and c) threatening to post the pictures along with their porn-seeking activity online or else they will lock the phone on the user.

Currently the app has failed to pass muster at the Google Play store, but it has been found to be available for direct download online. Unlike many of the other ransomware products out there, users, after paying the $500 are also not getting their phone/data unlocked.