Dozens of iOS apps on App Store infected by XcodeGhost malware (WeChat included)

In what’s being described as the first massive security breach for the iOS App Store, Apple is removing apps from the Store that have been infected with malware. More than 50 apps have been infected, including popular chat app WeChat.

Several cybersecurity firms found a malicious program, called XcodeGhost, embedded in dozens of legitimate apps that had been built with a counterfeit version of Xcode, Apple’s software for making iOS and Mac apps.

The counterfeit version of Xcode is said to have come from a server in China, which developers used instead of downloading the original from Apple’s servers.

Once installed on users’ iOS devices, XcodeGhost secretly collects information and uploads the data to servers, according to cybersecurity company Palo Alto Networks Inc. XcodeGhost can also create fake prompts that ask users to input iCloud passwords, as well as read and write information on the user’s clipboard.

Palo Alto Networks says that more than 50 apps have been found with the tainted code, including the popular chat app WeChat and other Chinese apps like Didi Kuaidi and NetEase. Tencent Holdings Ltd. said that only WeChat version 6.2.5 for iOS was affected, and that versions 6.2.6 and above aren’t.

Here’s a full list of infected iOS apps, compiled by Palo Alto Networks.

While Tencent and other app developers caught in the attack have said that no customer information had been lost so far, the attack could have exposed millions of devices to security breaches. WeChat itself has more than 500 million active users, according to Tencent.

Apple has said in a statement that it is removing the apps from the App Store that have been created with the counterfeit version of Xcode, but it didn’t suggest what users could do to check if their iOS devices had been infected.

What to do if you think you’ve been using any of the infected apps

In the absence of any official advice, we’d say that you should at least update all your apps to the latest versions if you haven’t already, and delete any of the infected apps which haven’t been updated to remove the malware.

If you were asked to input your password in any out-of-the-ordinary prompts, we also advise you to change that password, but not from your iOS device for now, as it might still be infected. It might also be prudent to change your iCloud password if you have been using the infected apps, again not from your iOS device.

Sources: Wall Street Journal, Bloomberg Business, Reuters, Macrumors.
