Richardcyoung.com

The Online Home of Author and Investor, Dick Young

  • Home
  • How We Are Different
  • Debbie Young
  • About Us
    • Foundation Principles
    • Contributors
  • Investing
    • You’ve Read The Last Issue of Intelligence Report, Now What?
  • Your Survival Guy
  • The Great Reset
  • The Swiss Way
  • My Rifles
  • Dividends and Compounding
  • Your Security
  • Dick Young
  • Key West
  • Paris
  • Dick’s R&B Top 100
  • Liberty & Freedom Map
  • Bank Credit & Money
  • Your Survival Guy’s Super States
  • NNT & Cholesterol
  • Your Health
  • Ron Paul
  • US Treasury Yield Curve: My Favorite Investor Tool
  • Anti-Gun Control
  • Anti-Digital Currency
  • World Gold Mine Production

iPhone iOS9 Hack and Chinese Malware

September 23, 2015 By E.J. Smith - Your Survival Guy

Want to earn a cool million? Are you familiar with a security breach at Apple’s app store? I was clued in to these stories from our in-house systems and network manager. A security firm is offering up the million dollar bounty, the largest to date and capped at $3 million, for the successful hack. “Rather than report vulnerabilities in software to the companies that make it to help fix hackable bugs, Vupen develops hacking techniques based on those bugs and typically sells them to multiple government customers,” reports Wired. In a separate report from Wired, there are concerns related to how bugged Chinese apps made their way onto Apple’s app store.

The $1 million bounty:
AS LONG AS hackers have sold their secret hacking techniques known as zero-day exploits to government spies, they’ve generally kept that trade in the shadows. Today it’s come into the spotlight with the biggest bounty ever publicly offered for a single such exploit: $1 million for a technique that can break into an iPhone or iPad running Apple’s freshly released iOS 9.

On Monday, a new security industry firm known as Zerodium announced that it will pay that seven-figure sum to anyone who gives the company a hacking technique that can take over an iOS device remotely, via a web page the victim visits, a vulnerable app on the victim’s device, or by text message. The company says it’s willing to pay the bounty multiple times, though it may cap the payouts at $3 million.

“Due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS,” reads the

statement on Zerodium’s website announcing the bounty. “But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”

Bugged Chinese Apps get into Apple’s App store:

THE APPLE ECOSYSTEM is well known for very rarely letting any dodgy apps enter it because of the company’s stringent security checks.

But recently, nearly two dozen malicious pieces of software managed to get hosted on the App Store, and subsequently downloaded by Chinese users. This is because attackers found an unorthodox route to exploit: they targeted some versions of the software used by developers to makes apps for iOS and OS X in the first place.

The Hack
The malware was first highlighted by Chinese developers on Weibo, and was then analyzed by researchers from Alibaba. Security company Palo Alto Networks then verified the results.

The hack all hinges around Xcode, a tool used to create iOS and OS X apps. Typically, Xcode is downloaded directly from Apple for free. However, it is possible to get Xcode from other sources too, such as developer forums. Some versions of Xcode found on Baidu Yunpan, a Chinese file-sharing service, come packaged with extra lines of code. The Alibaba researchers have dubbed these malicious variants “XcodeGhost.”

Related Posts

  • Stun Gun iPhone Case
  • Ditch your iPhone
  • How to Protect Your iPhone
  • Author
  • Recent Posts
E.J. Smith - Your Survival Guy
E.J. Smith is Founder of YourSurvivalGuy.com, Managing Director at Richard C. Young & Co., Ltd., a Managing Editor of Richardcyoung.com, and Editor-in-Chief of Youngresearch.com. His focus at all times is on preparing clients and readers for “Times Like These.” E.J. graduated from Babson College in Wellesley, Massachusetts, with a B.S. in finance and investments. In 1995, E.J. began his investment career at Fidelity Investments in Boston before joining Richard C. Young & Co., Ltd. in 1998.

E.J. has trained at Sig Sauer Academy in Epping, NH, NH, where he completed course-work in Practical and Defensive Handgun, Conceal Carry Pistol, Shotguns, Precision Scope Rifle and Kidnapping Prevention.

E.J. plays a Yamaha Recording Custom drum set with Zilldjian cymbals. His first drum set was a 5-piece Slingerland with Zildjians. He grew-up worshiping Neil Peart (RIP) of the band Rush, and loves the song Tom Sawyer—the name of his family’s boat, a Grady-White Canyon 306. He grew up in Mattapoisett, MA, an idyllic small town on the water near Cape Cod. He spends time in Newport, RI and Bartlett, NH—both as far away from Wall Street as one could mentally get. The Newport office is on a quiet, tree lined street not far from the harbor and the log cabin in Bartlett, NH, the “Live Free or Die” state, sits on the edge of the White Mountain National Forest. He enjoys spending time in Key West and Paris.

Please get in touch with E.J. at ejsmith@yoursurvivalguy.com

Click here to sign up for my free monthly Survive & Thrive letter.
Latest posts by E.J. Smith - Your Survival Guy (see all)
  • Birth Rates in France Worst Since Post-WWII Era - June 1, 2023
  • Your Survival Guy Felt Like a U.N. Worker in Rome - May 31, 2023
  • The Future of the American City is This… - May 30, 2023

Dick Young’s Must Reads

  • My Smith & Wesson Revolvers Home Defense Team
  • Remembering Brent Scowcroft
  • Protection While Traveling in France
  • Your Survival Guy at Fidelity and Your RMD Compliance
  • Who Will Pay the Price for LEDs?
  • The Swiss Way
  • Hillsdale College: What College Is Meant to Be
  • The Four Most Important Words in Investing
  • TROJAN HORSE: “Diversity, Equity, and Inclusion” is Critical Race Theory in Disguise
  • A Look at the Future of Main Street America

Disclosure

RSS Youngresearch.com

  • Birth Rates in France Worst Since Post-WWII Era
  • A Cashless Society Is A Debacle for Americans
  • Democracy: The Most Dangerous and Insidious Effect of Majority Rule.
  • What’s the Alternative to China for Manufacturers?
  • Here Come the Adjustments to Earnings
  • Container Production Cuts a Sign of Declining Trade?
  • Your Survival Guy Felt Like a U.N. Worker in Rome
  • Happy Memorial Day!
  • Your Survival Guy in Rome 30-Years A.B. (After Babson)
  • Money Market Assets Hit Record High: $5.4 Trillion

RSS Yoursurvivalguy.com

  • Survive and Thrive June 2023: Your Survival Guy in Rome 30-Years A.B. (After Babson)
  • Birth Rates in France Worst Since Post-WWII Era
  • Your Survival Guy Felt Like a U.N. Worker in Rome
  • Social Security: Declining Italy Needs a Bambino Boom
  • ATTACK ON THE IVAN KHURS: Unmanned Vessels Changing Naval Warfare
  • The Future of the American City is This…
  • Happy Memorial Day: Your Survival Guy: Proud To Be an American
  • Your Survival Guy in Rome 30-Years A.B. (After Babson)
  • Insurers Now Fleeing the Net Zero Insurance Alliance
  • A Three-Week International Research Trip to Paris via Rome

Auto Profitability Colliding with Low Emissions

Birth Rates in France Worst Since Post-WWII Era

What Binds the Woke Left Together?

Joel Salatin and Alfie Oakes, America’s Food Kings

The Party Is Going Off the Rails

Your Survival Guy Felt Like a U.N. Worker in Rome

Copyright © 2023 | Terms & Conditions | About Us | Dick Young | Archives