Apple App Store malware attack: Which iPhone and iPad apps are infected with XcodeGhost?
Apple has fallen victim to the first large-scale attack on its App Store, after a malicious program was found embedded in applications used by iPhone and iPad owners in China. The US tech giant has said that the apps have since been removed from the App Store, however people still using the apps may be affected.
Hundreds of apps are reportedly affected and Apple is yet to issue instructions to users who may have downloaded the infected apps. An official list of the apps is also yet to be released. The biggest attack on the App Store in the past has involved only five apps and one security firm has suggested that hundreds of millions of users may have been affected.
For users concerned about the App Store attack, IBTimes UK has compiled a list of the threats these users might face, as well as a list of the apps affected by the malware infection.
How and where did the App Store attack take place?
The attack is thought to have originated from malicious code embedded into the apps by unwitting developers. The XcodeGhost program containing the malware was developed by hackers as a counterfeit version of Apple's own software, before being peddled onto developers.
China-based developers may have chosen to use the counterfeited version as the software downloads faster from Chinese servers than Apple's US-based servers. According to security firm Palo Alto Networks, the scale of the attack is like nothing Apple has experienced before.
"We believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple's code review and made unprecedented attacks on the iOS ecosystem," the firm said.
What apps are affected by the App Store malware attack?
Most of the infected apps are used by iPhone and iPad owners in China. They include a music downloading app, an Uber-like ride sharing app, and the popular WeChat communication app.
Palo Alto Networks and Dutch security firm Fox-IT published a list of apps it claims are affected. The list predominantly features Chinese-language apps but also includes the following:
- Lifesmart
- CamScanner (incl. Pro and Lite)
- CamCard
- SegmentFault
- OPlayer (and OPlayer Lite)
- Mercury
- WinZip
- Musical.ly
- PDFReader
- Guaji Gangtai
- Perfect 365
- PDFReader Free
- WhiteTile
- IHexin
- WinZip Standard
- MoreLikers2
- Mobile Ticket
- QYER
- Golfsense
- Ting
- Installer
- TinyDeal
- Snapgrab Copy
- PocketScanner
- CuteCut
- SuperJewelsQuest2
- InstaFollower
- Baba
- WeLoop
- DataMonitor
- Nice Dev
- FlappyCirlcle
- BiaoQingBao
- SaveSnap
- Guitar Master
- Jin
- WinZip Sector
- Quick Save
In a statement, an Apple spokesperson said: "We've removed the apps from the App Store that we know have been created with this counterfeited software. We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
WeChat said in a blogpost that the security flaw only affected an earlier version of its app - WeChat 6.2.5 - and that an initial investigation suggested that no data theft or leakage of user information had occurred.
© Copyright IBTimes 2024. All rights reserved.