
For those of you who didn’t know, the App Store recently suffered its worst security breach in its history over the weekend. It was discovered that hundreds of Chinese apps had a malicious program dubbed “XcodeGhost” embedded in their software. The security lapse made its way into legitimate apps all because of Chinese developers who used a counterfeit version of Apple’s Xcode software that was uploaded to the file sharing service named Baidu.
By using XcodeGhost to compile the apps, developers accidentally allowed the malicious code to be packaged in the apps that were then distributed through the App Store. Upon discovering the issue, Apple ended up pulling the infected apps off the store to help stop the spread but users are being encouraged to delete the XcodeGhosts apps off their devices manually. It should be noted that most of the apps that are infected are the ones used in China however there do appear to be some big name apps that should be pointed out such as WeChat and AngryBirds 2.
Please take a close look at the apps that were infected below and remove them from your iOS device to be on the safe side:
- Angry Birds 2
- CamCard
- CamScanner
- Card Safe
- China Unicom Mobile Office
- CITIC Bank move card space
- Didi Chuxing developed by Uber’s biggest rival in China Didi Kuaidi
- Eyes Wide
- Flush
- Freedom Battle
- High German map
- Himalayan
- Hot stock market
- I called MT
- I called MT 2
- IFlyTek input
- Jane book
- Lazy weekend
- Lifesmart
- Mara Mara
- Marital bed
- Medicine to force
- Micro Channel
- Microblogging camera
- NetEase
- OPlayer
- Pocket billing
- Poor tour
- Quick asked the doctor
- Railway 12306 the only official app used for buying train tickets in China
- SegmentFault
- Stocks open class
- Telephone attribution assistant
- The driver drops
- The Kitchen
- Three new board
- Watercress reading
We'd recommend deleting these apps and waiting for updated iterations from the App Store to replace your potentially infected copy.
Source: Palo Alto Networks
Message