Several Malware-embedded Apps Found In Chinese Apple App Store

Posted: Sep 19 2015, 12:50pm CDT | by , in News | Apple

Several malware-embedded apps found in Chinese Apple App Store
ios hacker

Apple App Store is not a heaven for safe apps anymore

The Chinese iOS application store was the home to two applications with light implanted malware.

Apps compiled from a modified version of Apple's Xcode development environment found on Chinese piracy sites have been found to include "XcodeGhost."

It is a malware package that collects time, device name, and network type. In itself, the data collection is not a big issue at all, but rather of more concern.

It means that the Apple's screening procedure for the apps plainly neglected to recognize the threat, even if it was mild.

Security researchers found at least 20 applications afflicted with the XcodeGhost malware package on different archives.

As reported, the malware is situated in a Mach-O object file that was repackaged into some versions of Xcode installers.

These malicious installers were then uploaded to Baidu's cloud file sharing service for used by Chinese iOS/OS X developers.

The infected apps collect information like phone's name, language, UUID, and country, current time and network type when installed.

One of them is the famous NetEase Cloud Music which has nearly 500 ratings, with an average of 4.5 stars.

Palo Alto recommends that "Apple developers should always use Xcode directly downloaded from Apple, and regularly check their installed Xcode's code signing integrity to prevent Xcode from being modified by other OS X malware."

This story may contain affiliate links.


Find rare products online! Get the free Tracker App now.

Download the free Tracker app now to get in-stock alerts on Pomsies, Oculus Go, SNES Classic and more.

Latest News


The Author

<a href="/latest_stories/all/all/32" rel="author">Ahmed Humayun</a>
Ahmed Humayun is a technology journalist bringing you the hottest tech stories of the day.




comments powered by Disqus