MANILA, Philippines – Apple on Sunday, September 20, was working to clean up the iOS App Store following instances of malicious iPhone and iPad programs being placed into the App Store for download.
Among the affected apps are social networking app WeChat, Chinese ridesharing service Didi Kuaidi, and business card reader CamCard.
According to Forbes, the infection stemmed from developers downloading third-party copies of Xcode, a developer tool for iOS and Mac OS X applications. Instead of downloading Xcode directly from Apple the third party downloads were altered such that malware was added onto apps with the altered Xcode, now called XcodeGhost.
Palo Alto Networks senior researcher Claud Xiao added that the malware not only appears to take non-sensitive data, but also "can be remotely controlled by the attacker to phish or exploit local system or app vulnerabilities." In this case, evidence suggests this was used to acquire an affected user's iCloud credentials from users of the infected apps.
Tencent has updated the WeChat app to version 6.2.6 to get rid of the bad code, adding that it had found no evidence of data loss.
The full list of affected apps is available on the Palo Alto Networks blog. – Rappler.com
iPhone image from Shutterstock