Apple is cleaning up its iOS App Store after iPhone and iPad programs were identified as being infected with malware. The first large-scale attack on the App Store was reported by several cyber security firms after finding an embedded program called XcodeGhost in hundreds of legitimate apps.
Only five malicious apps have ever been found in the App Store prior to this attack. Hackers were able to get their malware past Apple’s diligent app review process by convincing developers of legitimate apps to use a counterfeit version of Xcode, the software used to create iOS and Mac apps.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” said Apple Spokesperson Christine Monaghan in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Cyber security firm Palo Alto Networks did not uncover any examples of data theft or harm resulting from the attack. Ryan Olsen, Director of Threat Intelligence for the firm, maintains the attack was still “a pretty big deal.”
“Developers are now a huge target,” Olsen said.
The malicious version of Xcode was downloaded from a server in China. Developers would have used it because it allowed for faster download time than Apple’s U.S. servers. Chinese security firm Qihoo360 Technology Co. reportedly uncovered 344 apps infected with XcodeGhost.
Popular chatting app WeChat was one of the largest programs affected by the malware. An investigation revealed no data theft of leakage of user information had taken place, and the app has immediately been updated to remedy the issue.