Infected iOS Apps - Hikvision - Ivms-4500

You may want to check your iphone and your employees iPhones to see if they have infected iOS apps on their phone. Apple has supposedly removed the infected apps from the Apps Store, however, they did not remove it from your phone if you have it installed on your phone. Check out the full list of apps as there are a few popular apps that are infected. For our industry, I noticed that iVMS-4500 was an infected malware app. I looked it up and it is HIK Visions app,

HIK Visions APP

Full List


Thanks for sharing. We already emailed Hikvision this morning requesting comment. We will update as we review ourselves and get feedback from Hikvision.

THE reason why America should not use Chinese electronics in the security field...

"The majority of cyberspace is created and maintained by the private sector and most cyber weapons have their origins in the non-state sector as well, including sophisticated cyber weaponry. As a consequence, in any cyber conflict, in order for a nation to be able to adequately project cyber power and conduct operations in cyberspace with the maximum impact, it needs the cooperation of the private sector."

http://thediplomat.com/2015/03/why-the-pla-revealed-its-secret-plans-for-cyber-war/

wonder if Joe Coe covered downloading malicious versions of Xcode when making apps for iOS

Cybersecurity and Video Surveillance: How to Protect Your IP Video Network - by HikVision https://event.webcasts.com/starthere.jsp?ei=1073656

So does anyone know the needed steps to protect yourself after deleting the infected Hikvision app?

And on another point, there are probably many other app devs being used by western companies that outsource to foreign devs. Buying from a western brand doesn't guarantee non-Chinese code.

Jon,

In terms of what to do after deleting the Hikvision app, probably would be prudent to change your passwords for your device and other apps on the device, since Palo Alto Networks is saying that it's possible that such credentials could have been obtained.

I don't know what else but if I see or hear anything, we'll add. We're also going to do a longer post in the morning.