Apple removes apps affected by ‘XcodeGhost’ malware after App Store is hacked
On Monday, Apple confirmed that dozens of apps infected with malware had been unwittingly published to the App Store.
The hack seems to be targeted at China: hackers distributed to developers an infected version of Xcode, Apple’s software for creating iOS and Mac apps. The malware worked its way into several apps after developers were convinced to use the counterfeit version of Xcode. The firm stated on its website, “We believe XcodeGhost is a very harmful and risky malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem.”
According to multiple security research firms, numerous widely used apps such as mobile chat app WeChat, which boasts almost 500 million active users, have been compromised.
The malicious code was added into applications without developers’ knowledge, cyber security experts said.
This is also the single largest infestation of malware in the App Store to date, though Palo Alto Networks said it did not have any evidence suggesting the infected apps stole users’ personal data. Most of the apps affected, such as the ride-hailing service Didi Kuaidi, are most popular in China.
Most of the apps impacted are targeted at the Chinese market but some have worldwide appeal. iPhone and iPad users should update their apps immediately to ensure they are on the latest version.
Apple reportedly said it had addressed the security breach and had teamed up with developers to help fix affected apps.
“But if something does slip through the net, as in this case, there’s no protection available because Apple doesn’t provide third-party developers with the means to develop anti-malware protection for iOS.”
Apple had gone to great lengths, and great expense, to sift through each and every submission to the store, which included staff checks for quality, usability and, above all else, security. Moreover, the exploit is able to go through all of a user’s information and also steal credentials for all kinds of services.
It was unable to comment on whether the Chinese Government was behind the attack.