October 05, 2015 by Jeff Bernstein
The recent exploitation of Xcode, Apple’s software development kit, primarily affected mobile apps distributed to users in China. For this reason the vast majority of Apple users outside of China have avoided compromise associated with this hack. With that said, if a company with the depth of resources, controls and security assurance processes like Apple can fall victim to this type of scheme, then it can happen to almost any organization. This event should serve as a wake-up call for anyone that utilizes any type of smartphone. But what should users do?
The infected mobile apps are capable of tricking customers into providing their usernames, passwords and possibly other personal information. Some reports have said that as many as a several hundred apps were infected, while other reports have said it's less than 100. Because of the confusion and lack of clarity regarding the extent of the hack, T&M Protection Resources, integrated security and intelligence services provider for over 30 years, is advising to proactively take corrective measures immediately. They recommend that users immediately uninstall any of the infected apps. For users that believe that they may be compromised, they are also recommending malware analysis of their devices along with password resets on all digital accounts. Users of compromised devices may notice subtle changes to their smartphones which could include dropped calls, poor performance, deficient battery life and the like. Special attention should be paid to device and data plan usage and fees because compromised accounts may show spikes. Equal attention should be paid to bank and credit account statements which may indicate the existence of unauthorized payments.
Users that are unsure should contact Apple, their carrier or T&M Services directly. Additionally, mobile security education should be implemented to staff, such as the mobile security awareness best practice module created by Global Learning Systems.
All users need to be vigilant about protecting their devices and personal data and should also adopt the following best-practices:
- Use complex passwords;
- Enable strong authentication and encryption whenever possible;
- Utilize secure-connectivity only (avoid use of unknown, untrusted or open networks);
- Use device access passwords and timed lock-out schemes;
- Utilize trusted social networks only (meaning don’t allow any stranger into your network just because they asked to come in);
- Be selective about application use and termination of permissions for applications not used;
- Avoid loss, theft and/or unauthorized access to the device; and
- Regularly update software utilized.