Richardcyoung.com

The Online Home of Author and Investor, Dick Young

  • Home
  • How We Are Different
  • About Us
    • Foundation Principles
    • Contributors
  • Investing
    • You’ve Read The Last Issue of Intelligence Report, Now What?
  • Your Survival Guy
  • The Great Reset
  • My Rifles
  • Concentrate on Dividend Record and Compounding
  • Your Security
  • The Swiss Way
  • Dick Young
  • Debbie Young
  • Key West
  • Paris
  • Dick’s R&B Top 100
  • Liberty & Freedom Map
  • Your Health
  • Old Confederacy
  • Main Street Conservative
  • BLM’s Marxist Agenda
  • Ron Paul
  • Bank Credit & Money
  • Freedom Force

iPhone iOS9 Hack and Chinese Malware

September 23, 2015 By E.J. Smith - Your Survival Guy

Want to earn a cool million? Are you familiar with a security breach at Apple’s app store? I was clued in to these stories from our in-house systems and network manager. A security firm is offering up the million dollar bounty, the largest to date and capped at $3 million, for the successful hack. “Rather than report vulnerabilities in software to the companies that make it to help fix hackable bugs, Vupen develops hacking techniques based on those bugs and typically sells them to multiple government customers,” reports Wired. In a separate report from Wired, there are concerns related to how bugged Chinese apps made their way onto Apple’s app store.

The $1 million bounty:
AS LONG AS hackers have sold their secret hacking techniques known as zero-day exploits to government spies, they’ve generally kept that trade in the shadows. Today it’s come into the spotlight with the biggest bounty ever publicly offered for a single such exploit: $1 million for a technique that can break into an iPhone or iPad running Apple’s freshly released iOS 9.

On Monday, a new security industry firm known as Zerodium announced that it will pay that seven-figure sum to anyone who gives the company a hacking technique that can take over an iOS device remotely, via a web page the victim visits, a vulnerable app on the victim’s device, or by text message. The company says it’s willing to pay the bounty multiple times, though it may cap the payouts at $3 million.

“Due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS,” reads the

statement on Zerodium’s website announcing the bounty. “But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”

Bugged Chinese Apps get into Apple’s App store:

THE APPLE ECOSYSTEM is well known for very rarely letting any dodgy apps enter it because of the company’s stringent security checks.

But recently, nearly two dozen malicious pieces of software managed to get hosted on the App Store, and subsequently downloaded by Chinese users. This is because attackers found an unorthodox route to exploit: they targeted some versions of the software used by developers to makes apps for iOS and OS X in the first place.

The Hack
The malware was first highlighted by Chinese developers on Weibo, and was then analyzed by researchers from Alibaba. Security company Palo Alto Networks then verified the results.

The hack all hinges around Xcode, a tool used to create iOS and OS X apps. Typically, Xcode is downloaded directly from Apple for free. However, it is possible to get Xcode from other sources too, such as developer forums. Some versions of Xcode found on Baidu Yunpan, a Chinese file-sharing service, come packaged with extra lines of code. The Alibaba researchers have dubbed these malicious variants “XcodeGhost.”

Related Posts

  • Stun Gun iPhone Case
  • Ditch your iPhone
  • How to Protect Your iPhone
  • Author
  • Recent Posts
E.J. Smith - Your Survival Guy
E.J. Smith is Founder of YourSurvivalGuy.com, Managing Director at Richard C. Young & Co., Ltd., a Managing Editor of Richardcyoung.com, and Editor-in-Chief of Youngresearch.com. His focus at all times is on preparing clients and readers for “Times Like These.” E.J. graduated from Babson College in Wellesley, Massachusetts, with a B.S. in finance and investments. In 1995, E.J. began his investment career at Fidelity Investments in Boston before joining Richard C. Young & Co., Ltd. in 1998.

E.J. has trained at Sig Sauer Academy in Epping, NH, NH, where he completed course-work in Practical and Defensive Handgun, Conceal Carry Pistol, Shotguns, Precision Scope Rifle and Kidnapping Prevention.

E.J. plays a Yamaha Recording Custom drum set with Zilldjian cymbals. His first drum set was a 5-piece Slingerland with Zilldjians. He grew-up worshiping Neil Peart (RIP) of the band Rush, and loves the song Tom Sawyer—the name of his family’s boat, a Grady-White Canyon 306. He grew up in Mattapoisett, MA, an idyllic small town on the water near Cape Cod. He spends time in Newport, RI and Bartlett, NH—both as far away from Wall Street as one could mentally get. The Newport office is on a quiet, tree lined street not far from the harbor and the log cabin in Bartlett, NH, the “Live Free or Die” state, sits on the edge of the White Mountain National Forest. He enjoys spending time in Key West and Paris.

Please get in touch with E.J. at ejsmith@yoursurvivalguy.com
Latest posts by E.J. Smith - Your Survival Guy (see all)
  • Are $2,000 Checks Going to Rebuild NYC? - January 15, 2021
  • How Are You Doing on a Local Level? - January 14, 2021
  • Love at First Shot: Daria Bruno Featured on NRA Show - January 14, 2021

Dick Young’s Must Reads

  • How S.D. Surged in Vaccination Inoculations
  • Top 10 Political Books #1: The Declaration of Independence and the Constitution of the United States of America
  • A Look at the Future of Main Street America
  • Robo-Advisors: When You Have a Lot More to Lose than Money
  • California’s Progressive Liberals Have Created a Monster
  • Why Black Lives Matter Needs to Be Shut Down
  • Escape From the City: You’re Going to Like What You See
  • The Simple, Elegant Power of the Retirement Compounders
  • Who Are Those Urging Violence?
  • Sen. Hawley Makes the Case Against U.S.-China Relationship

Disclosure

RSS Youngresearch.com

  • The Fed is Sacrificing Retirees to Save the Banks
  • Jim Simons’s Renaissance Technologies vs. Internet Forum Traders
  • February RAGE Gauge: Americans Focusing on What’s In Front of Them
  • Biden Plans to Spend Trillions More on COVID-19 Stimulus
  • There’s Always a Way Forward for Americans Like YOU
  • Overtaken By Nvidia, Intel Fires Bob Swan
  • Do You Remember When NASDAQ Dropped by 82%?
  • Downcast Small Business Owners Prepare for a Difficult Four Years
  • Don’t Be on Their Radar, Get Out of Debt Now
  • Business Owners Must Reassess Relationship with Big-Tech

Insurrection Was the Furthest Thing from Trump’s Mind

Who Are Those Urging Violence?

Are $2,000 Checks Going to Rebuild NYC?

An Alert for Warm Weather, Wine Loving Mavens.

Key West’s Number One Restaurant: The Thirsty Mermaid

VIDEO: Henry U.S. Survival AR-7

Copyright © 2021 | Terms & Conditions | About Us | Dick Young | Archives