Due to the closed nature of the iOS App Store, it’s not often that we hear about malicious apps making their way into Apple’s application shop. That’s exactly what happened recently, though.
New iOS malware called XcodeGhost was recently found to have affected many apps in Apple’s App Store. The malware was originally discovered by Chinese iOS developers last week, and it’s been determined that it originated in a modified version of Xcode, Apple’s iOS and OS X app development tool. Several Chinese developers downloaded this malicious version of Xcode from file sharing services because downloads from Apple’s official servers can be slow for some devs.
After downloading this affected version of Xcode, the developers then used it to create and submit malicious iOS apps. Those apps made their way into the App Store and ended up affecting potentially hundreds of apps, including popular messaging service WeChat. If you install one of these malicious apps, it could collect information about your device, including the time, the device’s name and type, the system language and country, and its UUID.
The good news is that Apple says that it has removed all of the apps that are known to have been affected by this XcodeGhost malware. The Cupertino firm says that it’s working with developers to ensure that they’re using the official version of Xcode to rebuild their apps. WeChat, perhaps the biggest app affected by the malware, has also been updated to a new version that fixes the malicious version of the app (which was version 6.2.5).
This is a big security issue, because even though the number of apps affected by the malware may seem small compared to the total number of apps in the App Store, the number of users that could be affected by this malicious apps is huge. WeChat is one of the most popular messaging service in the world and serves hundreds of millions of users. The good news is that at least Apple has pulled all of the apps that it’s able to identify as having been made with the malicious version of Xcode.