
Report: iOS App Store malware infected over 4,000 apps



The internet has been awash with concerns over a new malware breach affecting Apple’s App Store this week.

We now have a better idea of the scale of the breach, thanks to new information released by cybersecurity firm FireEye.

According to the company, over 4,000 apps were infected as a result of the attack.

The malware, dubbed XcodeGhost, “steals device and user information” and sends “stolen data to a command and control server”, FireEye explains.

XcodeGhost marks the first time the iOS App Store has distributed a large number of trojanised apps.

To enable the breach, the creators of XcodeGhost tricked developers into using a modified version of Apple’s Xcode software, bypassing Apple’s stringent app approval measures.

A number of notable apps were affected, including Tencent’s WeChat app, used by 600 million people worldwide.


At the time, Apple provided TrustedReviews with the following statement: “Apple takes security very seriously and iOS is designed to be reliable and secure from the moment you turn on your device.”

It continued: “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”



September 23, 2015, 12:56 pm

This is an impressive hack. What's particularly interesting is that XCode is available from the Mac OS X App Store. So either developers are deliberately not using the Mac App Store as their source of (free) Mac software or they're using a different program. It could be that the XCode being used pre-dates the Mac App Store...which means that this has been going on for a long time (which is v. impressive since every iOS update requires an update to XCode). Or simply developers got annoyed at having to download huge (GBs) every time there was an update to XCode and tried a different source.

I would have expected Apple to have caught it in their verification of the App rather than just verifying that 'their own tools' were used to create the app. I doubt we'll ever get the full story.


September 26, 2015, 2:58 pm

I understand that in China it can be difficult to download Xcode from the official site; it takes ages for all those GBytes. Easier to get it from "mirror" sites locally. Turns out they were not what they seemed to be. So yes, very clever, exploit the human weakness in the system, the predictable choice of the path of least resistance.
Genuine businesses could learn a lot about customer care from the crooks!
