Apple is doing a major clean-up of Chinese malicious applications that made their way to the App Store, after developers used a counterfeit version of Xcode in their apps. Developers are advised not to "download crap from Chinese sites".
ABC News reported that developers from China were tricked to using fake software tools that added malicious code to their applications. The counterfeit version of Apple's XcodeGhost was dubbed as XcodeGhost. It was first discovered by a group of researchers at Alibaba Group. Because of China's strict internet filters, developers resorted to download Xcode from "untrusted sources" that promise faster downloads.
Nearly 40 iOS apps were infected in the Chinese App Store. China Digital Times said that Percy Alpha of Greatfire.org named the malware-infected apps such as WeChat, the DiDi ride sharing app, and two NetEase apps. The targeted apps were created by popular, highly-trusted companies like Tencent, Netease, and China Unicom.
According to cybersecurity firm Palo Alto Networks, the malicious apps collected harmless data such as device name and details, the app's name, and time. However, they still posed a huge threat on user privacy and security. The apps can be used to collect information for mining data, phishing iCloud passwords, and gathering private information in the form of chat history, banking details, contacts, and photos.
Security researcher Charlie Miller gave advices to both users and developers of the infected apps. He said that users should be wary of an app even if its developer is trustworthy, to be on the safe side. Since the malicious apps did not do much harm, Miller told users not too worry too much. He told them to just delete the suspicious apps and stay tuned with other reports.
On the other hand, Miller told developers "not to download crap from Chinese sites". Tech Crunch reported that developers were irresponsible for ignoring warnings and relying on unreliable sources. It was revealed that Apple Gatekeeper issued a warning before developers can install the XcodeGhost, indicating that the software was damaged and should be moved to trash. However, developers chose to ignore the warning and suffered the consequences as a result.
Late Apple founder and CEO Steve Jobs said that Apple has a "kill switch" in case malicious app stealing user data sneak into the App Store. He states, "Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull".
This is the first major malware attack directed on Apple as reports say. Apple is currently removing malicious apps from the App Store to protect customers and is working with developers to make sure they are using the correct Xcode toolkit.
Join the Conversation