Apple’s App Store infected with XcodeGhost malware in China
How is XcodeGhost distributed?
A malicious version of Xcode was uploaded to the Chinese cloud file-sharing service Baidu and downloaded by some iOS developers in China.
Chinese developers then unknowingly compiled iOS apps using the modified Xcode IDE and distributed those infected apps through the App Store.
Those apps then managed to pass through Apple’s code review process, enabling iOS users to install or update the infected apps on their devices.
Which apps are affected?
Palo Alto Networks has shared a full list of over 50 infected iOS apps, including WeChat, NetEase Cloud Music, WinZip, Didi Chuxing, Railway 12306, China Unicom Mobile Office and Tonghuashun.
How many users are affected?
XcodeGhost potentially affects more than 500 million iOS users, primarily because messaging app WeChat is very popular in China and the Asia-Pacific region.
Apple Removes 300 Infected Apps from App Store
Hundreds of Legitimate iOS Apps Infected by Malware, Removed From App Store
Didi Chuxing (developed by Uber’s biggest rival in China, Didi Kuaidi)
Angry Birds 2
Railway 12306 (the only official app used for buying train tickets in China)
CITIC Bank move card space
China Unicom Mobile Office
High German map
Medicine to force
Quick asked the doctor
CamCard (a very popular business card reader)
Stocks open class
Hot stock market
Three new board
The driver drops
Telephone attribution assistant
I called MT
I called MT 2