Apple has removed malware-infected apps from the App Store after the company acknowledged it’s first security breach. Going by the name XcodeGhost, this new iOS malware arises from a malicious version of Xcode, Apple’s official tool for developing iOS and OS X apps.
According to a previous report, Apple spokeswoman Christine Monaghan said in an email to Reuters, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Among the more notable apps affected was Chinese messaging app WeChat. Describing the issue, the company mentioned in a statement that the flaw, described in recent media reports, only affects WeChat v6.2.5 for iOS. Newer versions of WeChat (versions 6.2.6 or greater) are not affected. A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users’ information or money.
It is the first reported case of large numbers of malicious software programs making their way past Apple’s stringent app review process. Prior to this attack, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks.
Palo Alto Networks Director of Threat Intelligence Ryan Olson said the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.
Other infected apps included car-hailing app Didi Kuaidi and a music app from Internet portal NetEase. A report by TheVerge points out that there’s no evidence that any data theft has occurred yet, but XcodeGhost is worrying because it shows how legitimate developers can be used as a vector for malicious software, bypassing Apple’s code review.
