Re: Apple Brass Reportedly Hushed Up iPhone Hack!
This is scary as hell, and shame on Apple, and, for that matter, any other company who decides to take that route! Pam.toggle quoted messageShow quoted text
Sent: Sunday, May 16, 2021 6:52 PM
Subject: [TechTalk] Apple Brass Reportedly Hushed Up iPhone Hack!
Happy Sunday Everyone!
I just came across this scary BUT interesting article, I thought I would share.
Apple Brass Reportedly Hushed Up iPhone Hack
Millions of phones affected
Published May 11, 2021 11:23AM EDT
fact checked by
Apple executives didn't tell users about a 2015 hack of 128 million iPhones, according to a new report.
The hack was first uncovered when Apple employees started looking into malicious App Store apps, according to
Eventually, the company found 2,500 malicious apps that had been downloaded 203 million times.
News that Apple knew of the hacking came recently during Epic Games' ongoing lawsuit. An
email entered into court
shows that managers were aware of the problem. "...Due to the large number of customers potentially affected, do we want to send an email to all of them?"
Matthew Fischer, vice president of the App Store, wrote in the email. However, the hacks were never made public by Apple.
The malicious apps were developed using a counterfeit copy of Apple's iOS and OS X app development tool, Xcode. The fake software put harmful code alongside
normal app functions.
Once the code was installed, the iPhones slipped out of the control of their owners. The iPhones communicated with a remote server and revealed device
information, including the infected app's name, the app-bundle identifier, network information, the device's "identifier for vendor" details, and the device
name, type, and unique identifier, Ars Technica reported.
Observers were critical of Apple's decision not to inform users about the hack.
"Seems they feared public outrage and backlash more than standing up and telling customers about the potential risks involved."
"The key here for Apple is to clearly outline the impact to the end-user and not just send out a technical alert and update that is embedded in their release
notes," Setu Kulkarni, a vice president at
cybersecurity firm WhiteHat Security,
said in an email interview.
The hacks highlight potential security problems with apps, Dirk Schrader, a vice president at cybersecurity firm
New Net Technologies,
said in an email interview.
"Both large app stores, Google's Play Store, as well as Apple's, are essentially a large malware distribution platform if not managed well," he added.
"That email, and Apple's decision not to inform customers and the public, demonstrates what that means. Seems they feared public outrage and backlash more
than standing up and telling customers about the potential risks involved."
Thanks for letting us know!
Peace Be With You.
This email has been checked for viruses by AVG.