Malware discovered on 39 apps in the Apple App Store

49comments
A malware that infects iOS apps through a malicious version of Apple's Xcode, has resulted in the discovery of at least 39 infected apps in the Apple App Store. Among the apps affected is the extremely popular Chinese messaging app WeChat, and ride-sharing app Didi Chuxing. The latter is the most popular Uber-esque service in China.

While past viruses on iOS were placed inside an app by the developer, created and published in the App Store to purposely create havoc, this malware enters an app without the knowledge of its developer. Since a rogue version of Xcode was used in this endeavor, the malware itself is being called XcodeGhost.

The malicious version of Xcode was apparently taken off Baidu by Chinese iOS/OS X developers instead of using the most up-to-date version of the IDE available from Apple. The infected version of Xcode has since been removed from Baidu. According to a report by Palo Alto Networks, XcodeGhost can be used by the hacker to remotely phish, or to take advantage of vulnerabilities on apps and the local system.

Some other apps infected include Railway 12306, the only official app in China to offer train tickets. Stock trading platform Tonghuashun, and China Unicom Mobile office are also infected. You can check out all of the malware infected titles by clicking on the sourcelink.

source: PaloAltoNetworks via RedmondPie
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless