Updated 11:29 AM EDT, Tue, Jun 16, 2020

Make CT Your Homepage

Chinese Apple Store Attacked by Malware Program XcodeGhost

Apple Store China Malware Attack

(Photo : Reuters/ Jason Lee) A malware attack on mobile devices in Apple's Stores in China has been successfully contained after it was announced by anti-virus firm Palo Alto.

An anti-virus software company announced on Friday that a malware program called XcodeGhost has infected several Chinese apps in Apple Stores. The malware is being used to collect information from Apple mobile devices such as iPhones and iPads.

The malware creators allegedly inserted their own codes in Apple's iOS, which tricks app developers into using the infected software.

Like Us on Facebook

The affected Apple applications include social media apps (like Tencent's WeChat) as well as music sharing and taxi service apps.

Apple store spokesperson Christine Monaghan said the malicious software and the infected apps are no longer available for download. She said that the company is coordinating with developers to restore their Apple apps.

The spokesperson, however, was silent on how iPhone and iPad owners can know if the apps they are using are already compromised by the malware.

Tencent announced on its WeChat blog that WeChat users should download the latest version of the app. The infected versions of the app include WeChat version 6.2.5 or earlier. The Chinese developer assured the public that no user's data has been compromised.

Palo Alto is the anti-virus firm that discovered the malware, which could have stolen millions of personal and financial information from unsuspecting users. The firm's spokesperson Ryan Olson said the malware's threat is limited. He said they have no reason to believe that it has stolen any user data or has caused damages to any Apple mobile device.

He noted that unlike other cyber attacks, which targets users, the attackers were targeting appcdevelopers. Hackers may start to shift their attacks to app developers rather than app users.

Investigation revealed that the infected software may have been downloaded from a local server by developers due to its fast download speed in contrast to a U.S.-based Apple server.

China-based internet security company Qihoo360 claims that more than 300 Apples apps may have been infected, although Apple would not release its own figure.

Euromonitor International spokesperson Wee Teck Loo said despite the malware attack against Apple, he does not believe that consumers will stay away from the company's products.

The spokesperson added that mobile device users are particularly vulnerable to malware due to their lack security caution.

Real Time Analytics