Apple XcodeGhost Malware More Malicious Than Originally Reported

An anonymous reader writes: Details were scant when Apple confirmed the XcodeGhost malware had infiltrated the iOS App Store. The company didn't say which specific iOS vulnerabilities were exposed and didn't indicate how its iPhone users were affected. However, a Palo Alto Networks security analyst is reporting that XcodeGhost had been used to phish for iCloud passwords, and more specific details are emerging. According to the Networkworld article: "URLs can be sent to the iOS device and opened. This isn't limited to HTTP and FTP URLs, but includes local URLs, such as itunes:// and twitter:// that iOS can be used for inter-app communications. For example, this could be used to force automatic phone calls to premium phone numbers, which can charge up to $1 per minute in some cases. Some iOS password manager apps use the system clipboard to paste passwords into the login dialog. As another example, the XcodeGhost malware can read and write data in the user's clipboard, which would allow it to snatch a password."

Re:Apple is for cows

[sexconker]

It's not, moron. I don't post AC like you do, and I haven't mooed in a long time because I got bored of it.
Feel free to peruse my history - I've mooed many times under my name, yet you keep linking to one example as if it were a slip up you "caught".