Who said iOS isn’t affected by malware? Researchers have discovered a new infection dubbed “XcodeGhost” that has made its way into hundreds of popular iOS apps, including titles like WeChat and CamCard, that could leave millions of users at risk.
XcodeGhost makes its way into iOS apps through an infected version of Xcode, Apple’s software development tool for building iOS and OS X apps. The malicious application has been distributed through Chinese file sharing service Baidu and used to compile iOS apps.
It’s thought the developers affected, most of which are based in China, were unaware they were using a dangerous version of Xcode, and inadvertently built apps containing the XcodeGhost malware, which have now made their way into the App Store.
The malware was discovered by Palo Alto Networks, which has found more than 50 apps for iPhone, iPod touch, and iPad are carrying XcodeGhost. Many are Chinese titles, but some are incredibly popular in the West, too, such as WeChat, CamCard, PocketScanner, and even Angry Birds 2.
It’s thought more than 300 apps could be infected by this malware, making it the largest security breach in the history of the iOS platform. The good news is, Apple has already begun removing affected titles from the App Store.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan told Reuters. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Apple has not revealed exactly how many apps it has removed so far, but reports suggest XcodeGhost has hit more than 500 million users. The malware has the ability to steal information like your device’s name, type, and unique identification number, but no personal data.
For more information on XcodeGhost and the full list of apps affected, see Palo Alto Networks’ report by following the source link below.