Apple's iOS App Store Gets Invaded By 'XcodeGhost'
By MoneyTimes
Sep 22, 2015 06:48 PM EDT
Regions
Apple Senior Vice President of Worldwide Marketing Phil Schiller speaks about iPhone prices during a Special Event at Bill Graham Civic Auditorium September 9, 2015 in San Francisco, California. Apple Inc. unveiled latest iterations of its smart phone, forecasted to be the 6S and 6S Plus and announced an update to its Apple TV set-top box. (Photo : MoneyTimes)
Recently, Apple has been having problems with the iOS download leaving iPhone devices to crash and Apple fans deeply frustrated. Some were lucky enough to get the new operating system, but others were unfortunate.
Several of Apple's iOS Store became infected due to a malware called XcodeGhost. This is the first case that a large number of malicious software was able to sneak in Apple's defenses, as reported by Guardians.
The largest-selling phone company needs to remove more than 300 malware-infected apps from its apps store after a damaged version of its developer tools led to a number of Chinese apps leaking users' personal information to hackers.
Apple confirmed on Sunday night the apps' removal after several cybersecurity firms reported the discovery of a malicious program named "XcodeGhost" that was embedded in hundreds of legitimate apps. Prior to the attack, five malicious apps had already been found in the app store, according to cybersecurity firm Palo Alto Networks.
The company said the hackers embedded the malicious code in these apps by enticing developers of legitimate software to use a tainted, counterfeit version of Apple's software for creating iOS and Mac apps, known as Xcode.
Apple refused to inform how many apps had been removed. But researchers said among the infected apps included are Tencent's famous mobile chat app WeChat, car-hailing app Didi Kuaidi and NetEase, an Internet portal music app, CNBC reported.
Tencent said on its official WeChat blog that the security flaw affects WeChat 6.2.5, an old version of its popular chatting app and that newer versions were untouched. A preliminary investigation showed there had been no data theft leakage of user information, Apple said.
"We've removed the apps from the app store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps. "
However, she did not inform what steps to be done by iPhone and iPad users to determine whether their devices were infected.