Apple removes malware-infected apps that sneaked onto the App Store

By Scorpus ยท 4 replies
Sep 21, 2015
Post New Reply
  1. Apple has removed a collection of malicious apps from the App Store after a strain of malware, known as XcodeGhost, made its way past the company's usually-strict security and app review protocols.

    The attackers behind the malware created a modified, counterfeit version of Apple's Xcode developer software and posted it online for developers to download and use. Some developers of legitimate apps mistakenly downloaded the malware-infected version of Xcode, which secretly embedded malicious code into the apps they were developing.

    According to security firm Palo Alto Networks, XcodeGhost was able to prompt fake alert dialogs for phishing purposes; read and write data from the clipboard, which could be dangerous if the clipboard included a password copied from a password manager; and hijack the opening of URLs.

    XcodeGhost is particularly dangerous because it managed to completely bypass Apple's iOS app review process. Some apps published to the App Store that included malicious code were popular Chinese messaging app WeChat, Angry Birds 2, and business card scanner CamCard, with over 300 apps suspected of being infected.

    Apple has since removed all of the apps affected by XcodeGhost, and are working with their developers to ensure all future apps are created using a legitimate version of Xcode, which is already available for free from Apple's website.

    Permalink to story.

    Last edited by a moderator: Sep 21, 2015
  2. Snuck or sneaked?
    I guess the snuck is non-standard.
  3. jobeard

    jobeard TS Ambassador Posts: 11,167   +986

    Btw: XcodeGhost is a hacked version of the Apple Xcode IDE used to create mobile device apps. The 'hack' was to the IDE and then getting developers to download and use it instead of the official version from Apple.
    cliffordcooley likes this.
  4. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    This must be a hoax. These kind of things happen to Android and Windows but NEVER Apple... or so iFans would like us to believe.
  5. jobeard

    jobeard TS Ambassador Posts: 11,167   +986

    So happy to know this - - WOW, I never knew that :grin:

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...