Apple removes malware-infected apps that sneaked onto the App Store


TechSpot Staff
Staff member

Apple has removed a collection of malicious apps from the App Store after a strain of malware, known as XcodeGhost, made its way past the company's usually strict security and app review protocols.

The attackers behind the malware created a modified, counterfeit version of Apple's Xcode developer software and posted it online for developers to download and use. Some developers of legitimate apps mistakenly downloaded the malware-infected version of Xcode, which secretly embedded malicious code into the apps they were developing.

According to security firm Palo Alto Networks, XcodeGhost was able to prompt fake alert dialogs for phishing purposes; read and write data from the clipboard, which could be dangerous if the clipboard included a password copied from a password manager; and hijack the opening of URLs.

XcodeGhost is particularly dangerous because it managed to completely bypass Apple's iOS app review process. Apps published to the App Store with the malicious code included the popular Chinese messaging app WeChat, Angry Birds 2, and the business card scanner CamCard, with over 300 apps suspected of being infected.

Apple has since removed all of the apps affected by XcodeGhost, and is working with their developers to ensure all future apps are created using a legitimate version of Xcode, which is already available for free from Apple's website.



TS Ambassador
Btw: XcodeGhost is a hacked version of the Apple Xcode IDE used to create mobile device apps. The 'hack' was to the IDE and then getting developers to download and use it instead of the official version from Apple.


TS Evangelist
This must be a hoax. These kinds of things happen to Android and Windows but NEVER Apple... or so iFans would like us to believe.