MENUMENU

Apple remains silent as major App Store malware attack infects hundreds of apps

Apple logos on building

Scott Schiller/Flickr (CC BY 2.0)

Hundreds of millions of users are affected by this attack.

Researchers discovered the largest-ever malware attack against the Apple App Store last week, a major security breach potentially involving hundreds of popular apps with hundreds of millions of users.

While Apple is currently engaged in a wide-ranging cleanup, the company has so far declined to give examples of major apps that were hit, provide estimates of how many apps were affected, or tell users how to determine if they’ve been affected. Apple did not respond to a request for comment.

The attack is known as XcodeGhost because it was hidden in an infected version of Xcode, an app used to develop software for Apple devices. Programmers who were hit with XcodeGhost unknowingly infected the apps they built, because they compiled those apps using infected versions of Xcode before publishing them to the App Store.

Security experts have identified dozens of infected apps, including WeChat, a popular messenger app with more than 500 million users. WinZip and Musical.ly were among the other affected apps.

The Chinese security researchers Qihoo360 reported that at least 344 apps were infected.

News of the unprecedented attack first surfaced among Chinese developers, followed by security researchers at Palo Alto Networks, who reported that XcodeGhost launched phishing attacks to steal iCloud passwords.

“Based on this new information, we believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem,” researcher Claud Xiao wrote. “The techniques used in this attack could be adopted by criminal and espionage focused groups to gain access to iOS devices.”

Photo via Scott Schiller/Flickr (CC BY 2.0) 

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.