Apple’s App Store infected with XcodeGhost malware in China

How is XcodeGhost distributed?
A malicious version of Xcode was uploaded to the Chinese cloud file-sharing service Baidu and downloaded by some iOS developers in China.
Chinese developers then unknowingly compiled iOS apps using the modified Xcode IDE and distributed those infected apps through the App Store.
Those apps then managed to pass through Apple’s code review process, enabling iOS users to install or update the infected apps on their devices.

Which apps are affected?
Palo Alto Networks has shared a full list of over 50 infected iOS apps, including WeChat, NetEase Cloud Music, WinZip, Didi Chuxing, Railway 12306, China Unicom Mobile Office and Tonghuashun.

How many users are affected?
XcodeGhost potentially affects more than 500 million iOS users, primarily because messaging app WeChat is very popular in China and the Asia-Pacific region.

Apple Removes 300 Infected Apps from App Store

Hundreds of Legitimate iOS Apps Infected by Malware, Removed From App Store
Didi Chuxing (developed by Uber’s biggest rival in China, Didi Kuaidi)
Angry Birds 2
Micro Channel
IFlyTek input
Railway 12306 (the only official app used for buying train tickets in China)
The Kitchen
Card Safe
CITIC Bank move card space
China Unicom Mobile Office
High German map
Jane book
Eyes Wide
Mara Mara
Medicine to force
Pocket billing
Quick asked the doctor
Lazy weekend
Microblogging camera
Watercress reading
CamCard (a very popular business card reader)
Stocks open class
Hot stock market
Three new board
The driver drops
Telephone attribution assistant
Marital bed
Poor tour
I called MT
I called MT 2
Freedom Battle

21/09/2015