Skip to main content
  1. Home
  2. Mobile
  3. News

Apple cleans up iOS store after major malware security breach

By

iOS 9 Hands On
Malarie Gokey/Digital Trends
Although it has its detractors, Apple’s closed ecosystem has helped it to maintain strict control over its iOS App Store, with stringent checks working to eliminate malware from making it into the store.

In recent days, however, a number of security firms have uncovered the existence of infected iPhone apps in the iOS store in what looks to be the biggest security breach in the store’s seven-year history.

Recommended Videos

Security firm Palo Alto Networks (PAN) said it’d so far uncovered 39 infected apps “potentially impacting hundreds of millions of users” in multiple countries. It described the malicious software as “a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem.”

Related

PAN’s analysis of the malware revealed it’s capable of, for example, prompting fake phishing alerts to grab user credentials, as well as reading and writing data in the user’s clipboard, which could be used to obtain password information if such data is copied from a password management tool.

In a statement obtained by Reuters, Apple spokesperson Christine Monaghan said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software.”

Affected software includes leading Chinese messaging app WeChat and China-based Uber competitor Didi Kuaidi. WeChat said in a blog post the malware had been discovered in an earlier version of its app and so iOS users should ensure they have the latest malware-free version on their device.

It seems hackers targeted Chinese developers in their effort to get the malware into apps and onto the App Store. This was done by getting developers to use a tainted version of Apple’s app development tool, called Xcode.

Without realizing, developers using the tainted software, dubbed XcodeGhost, were incorporating malware into their apps before submitting them to the App Store. Apple’s own checking procedures failed to spot the malicious software, allowing infected apps into the App Store for iPhone, iPad, and iPod Touch users to download.

With Apple proud of its reputation for security when it comes to its iOS app store, the incident will be a matter of concern – and embarrassment – for the company. Apple said on Sunday it’s warning iOS developers to obtain Xcode only from its own site, rather than from third-party sources, which seems to have been the case here.

Editors' Recommendations

Topics
Trevor Mogg
Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Everything you need to know about the massive Apple App Store outage
App Store on-screen illustration

Happy Wednesday evening, everyone! You're unwinding for the day, getting ready for a relaxing night, and ... you realize that the App Store and a bunch of other Apple services aren't working. Don't worry, you aren't alone.

What Apple services are down? When did the problems start? Is the outage still ongoing? Here's everything you need to know.
When did the App Store outage start?
According to DownDetector, reports of outages with the App Store flooded in a little after 6 p.m. ET. Reports appear to have spiked at over 6,000, indicating pretty widespread problems.

Read more
The 7 biggest features we expect to see in iOS 18
The home screen on the Apple iPhone 15 Plus.

Apple revealed that its Worldwide Developers Conference (WWDC) will take place on June 10. This is when we expect to see the next iteration of software across all of Apple’s products, including iOS 18.

From the sounds of it, we’re in for a big update with iOS 18, rumored to be one of the “biggest updates” yet. Here’s what we expect from Apple's next major iPhone update with iOS 18.
A more customizable home screen

Read more
This could be our first look at iOS 18’s huge redesign
An iPhone 14 Pro Max and iPhone 14 Pro standing upright on a desk.

While iOS 17 fell short on a visual overhaul, Apple is rumored to be working on an updated identity for its next iOS version. Previous reports have claimed that the upcoming iOS 18 will feature visionOS-like elements introduced on the Apple Vision Pro. A new report confirms this with a leaked image of the iOS 18 Camera app.

According to a report from MacRumors, the next version of the Camera app could feature visionOS-style design elements. It is based on an iPhone frame template that the publication received from an anonymous source who claimed to have received it from an iOS engineer. It is said to have been included as part of the Apple Design Resources for iOS 18.

Read more