Apple App Store is not a heaven for safe apps anymore
The Chinese iOS application store was the home to two applications with light implanted malware.
Buy Now: Sony PlaysStation VR In Stock Here
Apps compiled from a modified version of Apple's Xcode development environment found on Chinese piracy sites have been found to include "XcodeGhost."
It is a malware package that collects time, device name, and network type. In itself, the data collection is not a big issue at all, but rather of more concern.
It means that the Apple's screening procedure for the apps plainly neglected to recognize the threat, even if it was mild.
Security researchers found at least 20 applications afflicted with the XcodeGhost malware package on different archives.
As reported, the malware is situated in a Mach-O object file that was repackaged into some versions of Xcode installers.
These malicious installers were then uploaded to Baidu's cloud file sharing service for used by Chinese iOS/OS X developers.
The infected apps collect information like phone's name, language, UUID, and country, current time and network type when installed.
One of them is the famous NetEase Cloud Music which has nearly 500 ratings, with an average of 4.5 stars.
Don't Miss: Incredible Pokemon Gifts
Palo Alto recommends that "Apple developers should always use Xcode directly downloaded from Apple, and regularly check their installed Xcode's code signing integrity to prevent Xcode from being modified by other OS X malware."