Recently, dozens of iOS apps in Apple’s Chinese App Store were infected with malware.
This is the first major case of hackers breaching the highly guarded application storefront.
Apple said it had removed affected apps from the App Store that included the malicious code, but hundreds of millions of Chinese users had already been distributed with malware that could attempt to steal users’ passwords and other information.
The instant messaging app, WeChat, which has more than 500 million users, said its app was affected by the issue but that it had already fixed the problem earlier this month.
It said its version 6.2.5, released on Sept. 10, was infected, but version 6.2.6, released Sept. 12, was not.
So far, there has been no sign of “theft and leakage of users’ information or money,” the company added.
Both the app developers and Apple were apparently unaware that the apps had been infected.
Hackers succeeded by tricking iOS app developers into downloading a modified version of Xcode, the software used to create iOS apps. This fake version of Xcode included the malware, which then made its way into the apps, which were then uploaded to the App Store.
According to Palo Alto Networks, a security company that discovered the issue, the malware could potentially prompt users to enter passwords and then steal them; hijack certain URLs that a user attempted to open; or grab information off a user’s clipboard. Palo Alto Networks said it identified at least 39 apps that had been affected, including at least one that tried to steal users’ iCloud passwords.
Xcode, which is essential software for app makers, is a huge and complex program, and it takes a long time to download from Apple (it’s 3.59GB).
Ryan Olson, Palo Alto Networks’ director of threat intelligence, told Reuters that hackers might have convinced Chinese developers to download the malicious version of Xcode because it would download faster in China.
Apple didn’t specify how many apps it had removed. In its response. “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps,”
385 total views, 0 views today