Apple’s App Store suffers first major malware attack; WeChat among China-linked apps hit
Apple has removed malware-infected apps from the App Store after the company acknowledged its first security breach, agencies report.
A malicious program was found in a number of applications used by owners of iPhones and iPads in China.
This first-of-its-kind security breach exposes a rare vulnerability in Apple’s mobile platform, multiple researchers said.
According to them, the infected apps can transmit information about a user’s device, prompt fake alerts that could be used to steal passwords to Apple’s iCloud service, and read and write information on the user’s clipboard.
Apple said the hackers had embedded a malicious code into the apps by persuading developers to use a counterfeit version of the firm’s own software.
The program called XcodeGhost allows hackers to collect data from devices.
The infected applications include many used by iPhone and iPad owners in China such as Tencent’s hugely popular WeChat app, a music app from Internet portal NetEase Inc., and an Uber-like car hailing app Didi Kuaidi.
An Apple spokeswoman said the apps had now been removed.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
She did not say what steps iPhone and iPad users could take to determine whether their devices were infected.
Palo Alto Networks Director of Threat Intelligence Ryan Olson said the tainted version of Xcode was downloaded from a server in China that developers may have used because it allowed for faster downloads than using Apple’s US servers.