The breach, which is said to have exposed the vulnerabilities of the App Store, infected applications by luring software developers into using a compromised version of Apple’s developer tool kit, according to Alibaba Mobile Security, the mobile antivirus division of Alibaba Group Holding Ltd.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software”, Apple spokeswoman Christine Monaghan told Reuters.
The developers needed software to design new apps, but instead of downloading it straight from Apple, they downloaded it off a network in China because they thought the download would be a little bit faster, MacRumors reported.
The New York Times states that Palo Alto Networks investigated the incident and explained how they found out about the 40 apps that were infected by the malware dubbed, XcodeGhost, which originates from China. As a result, hundreds of apps, including popular ones like WeChat, Angry Birds 2, and Didi Chuxing, a ride-hailing app, became infected with malware.
Using Chinese app developers, hackers have managed to skirt Apple’s strict app-review process and spread malicious code to millions of iOS devices. The attack involved five malicious apps. For users who might be anxious about this malware, they should make sure that their apps are up-to-date. Citing preliminary investigation, the official noted that there has been no theft and leakage of users’ information or money.
WeChat, one of the most popular apps impacted by the malware, has an estimated 500 million users. Apple has already removed those infected apps from its App Store.
Lookout has posted a list of Apps which were confirmed or was suggested by other companies that were to be affected by XcodeGhost. When you download Xcode from the Mac App Store, OS X automatically checks the code signature for Xcode and validates that it is code signed by Apple. It can prompt Apple device users to divulge their personal information to the hackers.