Apple: Now malware is in the App Store

Hits hundreds of apps in Chinese App Store

Apple's famous walled garden came tumbling down in China as news emerged that hundreds of the apps it serves to trusting users are riddled with malware. This is particularly embarrassing for Apple, who take the opposite approach to Google when it comes to their App Store, claiming that every app allowed in is scrutinized by humans and put through various other procedures to ensure this never happens.

iPhones and iPads are equally affected in what Reuters are claiming is "Apple's iOS App Store's first major attack".

Apple claim to have removed all apps known to be affected from the Chinese app store. They have not given advice to users regarding how they could determine if any of the apps they have installed are affected.

Uses infected developer tools

The malware got into the App Store via the tools that software developers used to create the apps. This means a corrupted version of Xcode, which has either been infected after installation or, most likely, pirated when it already contained the corrupted code. As a consequence, developers writing legitimate apps are probably unaware they are uploading malware into Apple's app store.

Qihoo360 Technology Co, a Chinese security firm, have announced they have so far uncovered 344 apps infected with XcodeGhost.

It has emerged that the infected apps include Tencent's wildly popular chat app WeChat, a popular car-hailing app called Didi Kuaidi, a music app from NetEase Inc. and China's official rail ticket purchasing app.


Palo Alto Networks Director of Threat Intelligence Ryan Olson said the malware was "a pretty big deal" because it showed that the App Store could be compromised if hackers infected the machines of software developers writing legitimate apps. Other attackers will see this as a new way to get malware into Apple's app store, and that's really difficult to defend against, he said.

The worry now is: how do users know this only affects the Chinese app store? There was no warning beforehand, and each of the corrupted apps had passed Apple's stringent security checks. If the same approach had been used elsewhere, could there be affected apps in Apple's other app stores, such as the US, just waiting to be discovered?

The BBC has more details, and MacRumors have published a list of known affected apps.