arstechnica.com - 1 year ago

Apple scrambles after 40 malicious XcodeGhost apps haunt App Store

Apple officials are cleaning up the company's App Store after a security firm reported that almost 40 iOS apps contained malicious code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.

The 39 affected apps, which included version 6.2.5 of the popular WeChat for iOS, CamScanner, and Angry Birds 2, may have been downloaded by hundreds of millions of iPhone and iPad users, security researchers said. The programs were infected by a tampered version of Apple's legitimate iOS and OS X app development tool called Xcode. A repacked tool, called XcodeGhost, surreptitiously inserted malicious code alongside normal app functions that caused the app to report to a command-and-control server. From there, the app reported a variety of device information, including the name of the infected app, the app bundle identifier, the device name, type and unique identifier, network information, and the device's "identifierForVendor" details.

Details of the infection were first reported late last week by security firm Palo Alto Networks in blog posts here and here. Researchers from mobile security firm Lookout independently analyzed the same apps, and on Sunday issued a blog post that read in part:
