Apple cleans the Chinese App store from malware infected apps

Hackers have finally managed to infiltrate Apple’s App Store.

On Sunday, Apple confirmed that its App Store has suffered its first major security breach.

As a result, hackers have resorted to adding a malicious code into what app developers believe to be the official version of XCode, which is Apple’s IDE used for creating iOS and Mac OS X apps.

Still, he said it was “a pretty big deal” because it showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps.

Other firms said to be affected included Chinese ride-hailing app Didi Kuaidi, Internet portal NetEase, and mobile phone operator China Unicom, among several more.

The infected apps can transmit information about a user’s device, prompt fake alerts that could be used to steal passwords to Apple’s iCloud service, and read and write information on the user’s clipboard, according to Business Spectator.

Research associate Palo Alto Networks has posted an analysis on a novel malware XcodeGhost that modifies Xcode IDE to infect Apple iOS apps.

WeChat, an instant messaging application developed by Tencent, has hundreds of millions of users in China and around the world. Some of the apps affected by the infection are very popular like WeChat and Angry Birds 2.

So the recent reveal from Palo Alto Networks that about 40 apps on the App Store were secretly laden with malware came as a shock.

Chinese security firm Qihoo360 Technology said on its blog that it had uncovered 344 apps tainted with XcodeGhost.

Palo Alto Networks said the malware was hidden in computer code – notably the Xcode software required for apps – and made its way into applications without the knowledge of developers. Phil Schiller, Apple’s senior vice president of marketing, said in apress release: “iOS 9 is also off to an fantastic start, on pace to be downloaded by more users than any other software release in Apples history”. As the standard Xcode installer is almost 3GB, some Chinese developers choose to download the package from other sources or get copies from colleagues. Currently, outside watch apps run on iPhone and then relay data to the watch causing a time lag.

Despite the malware outbreak, Apple is celebrating its most successful iPhone update ever.

Olson said versions of Xcode from Apple should be safe.