Apple App Store hit with malware in China

21 Sep 2015

Apple confirmed last night that it was removing several infected apps after a number of cybersecurity firms reported finding a malicious program dubbed ''XcodeGhost'' embedded in hundreds of legitimate apps.

This comes as the first reported case of large numbers of malicious software programs giving the slip to the Apple's stringent app review process.

The Guardian reported that Apple had had to remove over 300 malware-infected apps from its app store after a tainted version of its developer tools led to a number of Chinese apps leaking users' personal information to hackers.

Hackers are believed to have launched what is thought to be the first large-scale attack on Apple's App Store, creating a counterfeit version of Apple's software for building iOS apps, which developers were persuaded to download.

Apps developed using the software could steal data about the users and send it to servers controlled by the hackers.

The hackers could send fake alerts to infected devices to trick their owners into revealing passwords and other information.

Among the infected applications is Tencent's hugely popular WeChat app, a music downloading app and an Uber-like car hailing app.

A number of the affected apps - including the business card scanner CamCard were also available outside China.

According to an Apple spokeswoman, apps created using the counterfeit software, XcodeGhost, had now been removed from the App Store.

"We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps,'' Apple spokeswoman Christine Monaghan said in an email.

The attack should not have happened in the App Store, according to commentators.

Apple had gone to great lengths, and great expense, to sift through each and every submission to the store, which included staff check for quality, usability and, above all else, security.

Only five malicious apps had ever been found in the app store, prior the latest revelations according to cybersecurity firm Palo Alto Networks.

According to Apple, hackers included the malicious code in the apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple's software for creating iOS and Mac apps, known as Xcode.

''We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps,'' Monaghan added in her email.

People who owned Apple devices at one time, could feel safe from hack attacks, but times have changed. (See: Hackers find way to attack Apple devices).