X

Apple cleanses App Store of tainted iPhone, iPad software

An infected, counterfeit version of Apple's Xcode developer software apparently led to dozens of compromised apps.

Daniel Van Boom Senior Writer
Daniel Van Boom is an award-winning Senior Writer based in Sydney, Australia. Daniel Van Boom covers cryptocurrency, NFTs, culture and global issues. When not writing, Daniel Van Boom practices Brazilian Jiu-Jitsu, reads as much as he can, and speaks about himself in the third person.
Expertise Cryptocurrency, Culture, International News
See full bio
Daniel Van Boom
2 min read

Enlarge Image
The new iPhone 6S and 6S Plus. James Martin/CNET

Apple has discovered and removed from its iPhone and iPad App Store dozens of apps that were infected by malware.

The tainted software made it into the App Store via a counterfeit version of Apple's Xcode program, which is used to create apps for the iOS and Mac system software.

According to security firm Palo Alto Networks, which initially reported the breach, 39 apps were compromised by the counterfeit, called XcodeGhost, including ones used for trading stocks and banking.

Apple said it had purged the compromised apps from its online storefront.

"We've removed the apps from the App Store that we know have been created with this counterfeit software," an Apple spokeswoman told CNET. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."

The Cupertino, California-based company didn't confirm how many apps were tainted. WeChat, a messaging app with over 500 million monthly users, was among them, according to Palo Alto Networks. Its developer, Tencent, has said that only users of an older version of WeChat could potentially be affected.

See also: Why you'll want to install that new iPhone operating system ASAP: Protection from hackers

Last week, Apple released iOS 9, the latest version of the software that powers iPhones, iPads and iPod Touches. On Monday, it said that more than 50 percent of those devices had already been upgraded to iOS 9.

Apple's App Store security has historically been solid. Palo Alto Networks noted that prior to this attack only five malware-infected apps have been able to make it through the company's testing. There are over 1.5 million apps in the store.

Ryan Olsen, the firm's director of threat intelligence, told Reuters that the malware was relatively harmless, but that the attack is significant in that it proves the App Store can be compromised on a large scale.

The developers using XcodeGhost were likely unaware that they were using spurious software. Chinese developers often download Xcode from unofficial, local sites due to the slow download speed associated with sourcing it from Apple's faraway US servers. The attackers took advantage by slipping the counterfeit versions in among the regular programs.

Apple suggests that many developers had disabled their Mac computers' Gatekeeper feature, which restricts where you can download apps from and is designed to flag malicious software.

The news of the tainted apps comes less than three weeks after it was revealed that 225,000 iPhones had been hacked, with the information of their owners all stolen. However, the cyberattackers here were only able to target jailbroken devices, whose owners had bypassed security settings.