Apple brings down malware-infected apps from store

A large number of popular Chinese apps were affected in the security breach

Apple has brought down a large number of apps from its store after it was found that around 40 iOS apps had been infected by a modified version of the company's software for developers.

Christine Monaghan, an Apple spokeswoman, told news outlets that the company removed apps from the App Store that it knows have been created with the counterfeit software, to protect its customers.

Palo Alto Networks reported last week that a new malware, called XcodeGhost, modified the Xcode integrated development environment for building apps for the Mac, iPhone and iPad.

The security firm said Friday that it had found that over 39 apps, including many popular Chinese apps, had been infected by the malware. These included WeChat, a popular chat app from Tencent, Didi Chuxing, developed by Uber's China rival, and business card scanner CamCard. Some of these apps are used outside China.

Tencent said in a blog post that the flaw only affects version 6.2.5 for iOS and not newer versions of WeChat. It said it had fixed the issue and that it had been found during preliminary investigations that there had been no theft or leakage of users' information or money.

Palo Alto said it was cooperating with Apple on the breach and recommended that all iOS developers be aware and take necessary actions. XcodeGhost, which targets compilers, collects information on devices and uploads the data to command and control servers.

The mode of attack can also be used to target enterprise iOS or OS X apps in "much more dangerous ways," Palo Alto researcher Claud Xiao wrote.

The security firm said that XcodeGhost was a "very harmful and dangerous" malware that could prompt fake phishing dialogs, open URLs, and read and write clipboard data, which in some cases can be used to read passwords.

The malware, first reported on Chinese social-networking site Sina Weibo, was later confirmed by security researchers from Alibaba, according to reports. It isn't clear how the apps passed Apple's stringent code review. Apple could not be immediately reached for comment.

Some analysts have suggested that the compromised Xcode may have been downloaded from a server in China to get around slow Internet connections to Apple's own servers. Palo Alto Networks said the modified Xcode was uploaded to Baidu's cloud file-sharing service for use by Chinese developers. The Chinese company later removed the files.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

John Ribeiro

IDG News Service
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?