Over 30 apps identified by Apple, mostly available on the Chinese App Store, were infected with malware after developers mistakenly downloaded a rogue copy of iOS Xcode development tool. Apple quickly responded over the weekend by pulling the apps from the App Store, and today the company has updated its XcodeGhost Q&A page with a list of the top 25 most popular apps impacted by the malware. The list includes popular titles such as Rovio’s Angry Birds 2 and the messaging app WeChat.
Apple confirmed on Sunday that it has removed several apps from the App Store to clean up malicious malware affecting users, according to Reuters. Apple moved quickly to solve the problem after several security firms published a list of infected apps, including popular titles such as Angry Birds 2 and the messaging service WeChat.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email to Reuters. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
Apple has pulled a malicious app from its App Store after the Russian security firm Kaspersky Lab reported that it was a Trojan that uploads a user's contact info to the developer's servers.
"At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself," explained Kaspersky Lab‘s Denis Maslennikov. "However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan that uploads a user’s phonebook to remote server. The ‘replication’ part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.”
The application mostly attacked Russian users, but it was available worldwide via the App Store and Google Play for Android devices. Kaspersky Lab reminded everyone that "there have not been any incidents of malware inside the iOS Apple App Store since its launch 5 years ago."
Only days after the ikee worm was unleashed on Australian iPhone users a tool has been discovered that steals private data from jailbroken iPhones. iPhone/Privacy.A is a malware tool that runs on computers (or on an iPhone) and scans the Wi-Fi network for vulnerable iPhones.
After discovering and accessing the devices in range it copies all private data including SMS messages, videos, email, calendars, music, photos and all other app data to the computer. The program does all this without ever making the iPhone user aware of its intrusion.