Apple is removing hundreds of apps from the App Store after discovering that they contain a malicious program called XcodeGhost.
In the entire lifespan of the App Store, Apple has only previously found five malicious apps — making this easily the single biggest security lapse in App Store history.
Apple has declined to say exactly how many apps slipped past its review process, but Chinese security firm Qihoo360 Technology claims to have uncovered a total of 344 apps affected by XcodeGhost.
XcodeGhost made its way into legitimate apps when it was uploaded to the Chinese file sharing service Baidu and then downloaded by some Chinese app developers. They then compiled their apps using the malicious code and distributed them via the App Store.
Because of the apps’ origin, most of the affected users are based in China, although some of the other apps — such as scanner app CamCard — are available in the U.S. and other countries. The most popular app affected in WeChat, which is widely used in both China and other parts of the Asia-Pacific region. WeChat says the malicious XcodeGhost only affects older versions of the app.
“We’ve removed the apps from the app store that we know have been created with this counterfeit software,” Apple spokeswoman Christine Monaghan said in a statement. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Apple has pulled infected apps off the store to stop stop the spread, but users still need to delete XcodeGhost apps off their devices manually. Most of the apps infected are mostly used in China, however some big name apps like WeChat, Angry Birds 2, and Didi Chuxing (Uber’s biggest rival in China) were also hit.
Here’s a full list of infected apps:
WeChat
Didi Chuxing
Angry Birds 2
NetEase
Micro Channel
IFlyTek input
Railway 12306
The Kitchen
Card Safe
CITIC Bank move card space
China Unicom Mobile Office
High German map
Jane book
Eyes Wide
Lifesmart
Mara Mara
Medicine to force
Himalayan
Pocket billing
Flush
Quick asked the doctor
Lazy weekend
Microblogging camera
Watercress reading
CamScanner
CamCard
SegmentFault
Stocks open class
Hot stock market
Three new board
The driver drops
OPlayer
Mercury
WinZip
Musical.ly
PDFReader
Perfect365
PDFReader Free
WhiteTile
IHexin
WinZip Standard
MoreLikers2
CamScanner Lite
MobileTicket
iVMS-4500
OPlayer Lite
QYER
golfsense
Ting
Golfsensehd
Wallpapers10000
CSMBP-AppStore
MSL108
TinyDeal.com
snapgrab copy
iOBD2
PocketScanner
CuteCUT
AmHexinForPad
SuperJewelsQuest2
air2
InstaFollower
CamScanner Pro
baba
WeLoop
DataMonitor
MSL070
nice dev
immtdchs
OPlayer
FlappyCircle
BiaoQingBao
SaveSnap
Guitar Master
jin
WinZip Sector
Quick Save
Editor's Note:
Do you have a story to share? Please use our submission form or email us at editorial@allsingaporestuff.com. If not, why not give us a 'Like'?