蘋果商店遭遇惡意軟件攻擊

美國當地時間9月20日，蘋果公司首次確認有黑客對App Store發(fā)起大規(guī)模攻擊，目前正在清理應用商店中的惡意App，漏洞原因則是“開發(fā)者基于非信任渠道發(fā)布的工具開發(fā)的App有可能對用戶安全造成威脅。”

 

測試中可能遇到的詞匯和知識：

incursion 入侵

swath 草條

malware 惡意軟件

counterfeit 假冒

black eye 恥辱

vulnerabilities 漏洞

 

閱讀馬上開始，建議您計算一下閱讀整篇文章所用的時間，對照下方的參考值就可以評估出您的英文閱讀水平。

Apple hit by rare malware attack in China（402words）

By Richard Waters in San Francisco

 

Apple has owned up to a rare incursion of malicious software into its App Store,forcing it to pull some of the most widely used mobile apps in China from the service.

 

Late on Sunday in California,the iPhone and iPad maker confirmed reports by security researchers who had warned that a swath of popular Chinese apps had been created using developer tools that were infected with the malware,resulting in the compromised apps. “Hundreds of millions” of users of the popular Chinese apps were at risk of having their personal data exposed,including people who use Tencent's WeChat mobile messaging service and ride-hailing app Didi Kuaidi,according to Palo Alto Networks,a US cyber security company.

 

Apple said it had removed the infected apps,which had been created with what it said was a fake version of its software for app developers,known as Xcode.

 

It did not explain how developers of a large number of China's most widely used mobile services had all been infected with the same piece of malware,or how the infected apps that resulted had got through its security screening for the App Store.

 

“To protect our customers,we've removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps,” Apple said.

 

The admission is a black eye for the US company,which has made much of its superior security record in mobile apps compared with that of Google. Tim Cook,Apple's chief executive,last year criticised Google for what he claimed were insecure apps,quoting a report that criticised the search company's Android Play store as a “toxic hellstew of vulnerabilities”.

 

Palo Alto Networks said in a blog post on Friday that it had found 39 apps in Apple's App Store that had been created with the infected developer software,which has been dubbed XcodeGhost. Along with WeChat and Didi Kuaidi,the compromised apps include ones for games,banking,stock trading,maps,social networks and mobile phone services,it added.

 

Tencent said in a statement on social networking service Sina Weibo that it had replaced the compromised version of its app. It also said that users had not lost personal information or other property because of the infection.Additional reporting by Gloria Cheung in Hong Kong

 

請根據你所讀到的文章內容，完成以下自測題目：

 

1.Which country's widely used mobile apps were forced to pull?

A.China

B.America

C.Britain

D.Italy

[1] 答案

 

2.What risks to users of the popular Chinese apps?

A.photos are deleted

B.fraudulent credit card

C.personal data exposed

D.implant advertising

[2] 答案

 

3.How the infected apps that resulted had got through its security screening for the App Store?

A.bribing manager

B.exploiting vulnerability

C.not mentioned

D.official permission

[3] 答案

 

4.Who criticised Google's insecure apps last year?

A.Apple's COO

B.Apple's CEO

C.Apple's CQO

D.Apple's CTO

[4] 答案

 

[1]答案：A.China
解釋：由于蘋果應用商店遭遇攻擊，迫使它撤下了一些在中國被廣為使用的移動應用。

[2]答案：C.personal data exposed
解釋：一些熱門中國應用的“數億”用戶的個人數據可能被泄露。

[3]答案：C.not mentioned
解釋：蘋果沒有透露被感染的應用是如何通過蘋果應用商店的安全審查的。

[4]答案：B.Apple's CEO
解釋：倒數第三段，COO -chief operation officer首席運營官； CQO-chief quality officer 首席質量官；CTO- chief technology officer首席技術官。