Apple has updated its Chinese XcodeGhost FAQ to reveal the 25 studios responsible for the surge in Chinese malware. Apple also confirmed all iPhones should be safe from any malicious attacks, after investigating the root malware files.
We were already aware of WeChat and DiDi Taxi, but the new reveal includes Angry Birds 2, Baidu Music, Encounter, and Foreign Harbor, amongs other apps. The list does not include any Alibaba or 360 Mobile apps, two prominent mobile studios, even though WeChat was a big offender, none of Tencent’s QQ apps were found with malware either.
The full list:
Most of these names don’t mean much to Western iOS users, but in Southeast Asia some of these apps are the most popular on the iOS App Store. DiDi Taxi accounts for 70 percent of all mobile taxi bookings in China, forcing Uber to sit in second place. WeChat has over 600 million active monthly users, catching up to Facebook Messenger and WhatsApp. Other apps like Encounter, Baidu Music, NetEase Music, and 58 Classified also have millions of active users, who may have entered personal information into the app.
While Apple has stressed that the malware was only able to see general information like apps and system, the company is still struggling to get the situation under control. In the FAQ, the company says iCloud and personal information on apps should be safe, since the malicious code was incapable of finding it.
Apple is working with app developers in China to install the proper version of Xcode. The reason XcodeGhost became so popular was time efficiency; Apple was not pushing Xcode beta to Chinese studios quick enough, so most app developers decided to use a faulty version to test the new features in iOS 9.
Faulty versions of Xcode tend to be rooted out by Apple quickly, but this one slipped under the company’s nose for months. Palo Alto Networks originally broke the news that hundreds of millions of iPhones and iPads are now under threat, and Apple responded a few days later.