XcodeGhost malware affecting hundreds of iOS apps, Apple pulling infected versions from App Store

Posted by:
Date: Monday, September 21st, 2015, 07:06
Category: iOS, iPad, iPhone, News, security, Software


This is where things get a bit messier.

Apple has admitted that it is App Store integrity was compromised as apps were secretly infected by fake Xcode tools before submission to the App Store. The company has now officially acknowledged the problem and is now removing apps affected by the malware from the App Store.

Developers were inadvertently submitting malware by using counterfeit versions of Xcode, Apple’s development software, to submit apps. The fake Xcode, dubbed XcodeGhost, would inject malicious code into otherwise-legitimate apps during the submission process.

The malware seems to have infected hundreds of apps on the App Store, Apple releasing the following statement:

“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

It’s unknown how the false development tools found their way that deeply into the wild, as opposed to Apple’s official Xcode software, which is available for free from the Mac App Store. One theory is that Apple’s servers are slow to download from in China, so developers used this alternative ‘mirror’ (unaware of its true credibility) download for convenience and speed.

Most of the apps impacted are targeted at the Chinese market but some have international appeal. iPhone and iPad users should update their apps immediately to ensure they are on the latest version. It is also good practice to change your iCloud and other account passwords, in case you have accidentally fell victim to one of these phishing attempts.

Stay tuned for additional details as they become available.

Via 9to5Mac and Reuters

Recent Posts