As a result, the infected apps can relay sensitive user data back to the hackers, or send fake alerts that can lure a user into giving up an Apple iCloud account password, The Wall Street Journal reported. It said that Chinese applications got infected after software developers were lured into using an unauthorized and compromised version of Apple’s developer tool kit.
Hundreds of legitimate apps in the iOS App Store have been infected with malicious code, as Apple struggled to cope with its first large-scale breach of the OS that runs iPhones and iPads.
“Developers who in all likelihood had no malicious intent were tricked into building malware into the otherwise legitimate apps they were creating”.
Apple suggests that many developers had disabled their Mac computers’ Gatekeeper feature, which restricts where you can download apps from and is designed to flag malicious software.
Rather than trying to have malware apps accepted by Apple’s strict App Store approval team, smart hackers from China targeted the middleman instead.
Apple has acknowledged that its iOS App Store has been breached by malware, and has taken decisive steps to eradicate it.
“Sometimes network speeds are very slow when downloading large files from Apple’s servers”, wrote Claud Xiao, a Palo Alto Networks researcher, on the company’s website.
Apple has started a clean-up operation of the Chinese version of its App Store after it was flooded with apps infected with XcodeGhost malware. However, cyber security firm Palo Alto Networks Director of Threat Intelligence Ryan Olson said that the malware had “limited functionality” and no examples of data theft have been found so far.
Tencent said in a statement on social networking service Sina Weibo that it had replaced the compromised version of its app. It also said that users had not lost personal information or other property because of the infection. Chinese developers may have chosen to download Xcode’s malicious version because of its faster download speed in China.