Dozens of mobile apps in Apple’s iPhone and iPad App Store have been infected by malware. The company has since removed these compromised apps from its App Store, but apparently the damage has already been done. As initially reported by Palo Alto Networks, a total of 39 mobile apps were infected by a malware called XcodeGhost. XcodeGhost is actually a fake version of Apple’s own Xcode program, which the company uses to build mobile apps for the iOS and Mac system software. By the time XcodeGhost was discovered, it had already affected mobile apps that include those used for trading stocks and banking purposes.
Apple was quick to act in trying to get rid of the compromised mobile apps from its online app stores for its iPhone and iPad devices. The company added that it is also collaborating with app developers in order to ensure that the developers are using the safe version of the Xcode program in reconstituting their mobile app creations.
The iPhone maker made no mention of exactly how many mobile apps were infected, that is apart from those reported by Palo Alto Networks. One of the apps reported to be affected was WeChat, a messaging mobile app that currently has a user base of more than 500 million users. The app’s developer, Tencent, has issued a statement saying that only users of an earlier version of the WeChat messaging app could potentially be compromised.
It is a shame because Apple’s App Store has had a really good track record of security. As noted by Palo Alto Networks, the App Store has only had a total of five malware infected mobile apps that got through Apple’s extensive screening process prior to this latest XcodeGhost incident. This is pretty remarkable, considering that to date, there are about more than 1.5 million mobile apps in the App Store.
As explained by Ryan Olsen of Palo Alto Networks, the XcodeGhost malware actually poses little harm relatively. But more alarming is the fact that it was able to go through Apple’s rigid testing standards and infect dozens of mobile apps. Olsen points out that this incident is proof that even the App Store from the mighty Apple is not immune to cyber attacks.
As for the app developers that utilized the XcodeGhost malware, it is highly likely that they did not know that they were using the wrong code. Chinese app developers often acquire Xcode from unofficial websites because of the slow download speeds encountered with downloading the code from Apple’s servers in the United States. And it did not help that the people behind the attack slyly slipped the XcodeGhost amidst legitimate programs used by app developers.
According to Apple, many app developers may have deactivated the Gatekeeper feature of their Mac computers. This feature was supposed to help in restricting where one can download mobile apps from, and is designed to detect suspicious software.
