Apple Inc said on Sunday it is cleaning up its App Store in order to remove the malicious iPad and iPhone programs.
The action was taken after several cyber security firms reported finding a malicious program dubbed XcodeGhost which was embedded in hundreds of legitimate apps.
It is the first time when a large number of malicious software make their way into App Store after clarification by App review process of Apple stringer. Before this attack just five malicious apps were founded in App Store, it is reported by cyber security firm Palo Alto Networks Inc.
The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple’s software for creating iOS and Mac apps, which is known as Xcode, Apple said.” Reported by Reuters
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in an email. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
She didn’t mention any safety step which are to be taken by Apple consumers, and how to determine whether their devices are infected or not.
Palo Alto Networks Director of Threat Intelligence Ryan Olson said the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.
Ryan Olson Palo Alto Networks Director of Threat Intelligence said:
“malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.”
He also included it was “a pretty big deal” because the attack was too large on scale and App Store could be compromised if the hackers infected the machines of developers, other attackers can copy that approach, which is hard to defend against.
“Developers are now a huge target”
Tencent Holdings Ltd’s popular mobile chat app WeChat, car-hailing app Didi Kuaidi and music app by NetEase Inc are mentioned to be infected.
The infected version of Xcode was first downloaded from a server in China which developers may have used because that server allowed faster download the Apple’s U.S servers, Olson said.
Qihoo360 Technology Co a Chinese security firm said on its blog that it has uncovered 344 apps infected by XcodeGhost.
Apple didn’t mention the numbers of apps which has been infected.