This might be hard to believe, but at least 39 apps in the App Store are infected with malware. We are talking about some very popular apps such as WeChat, the most popular Chinese messaging app, and the ride-sharing app Didi Chuxing, which is the most popular Uber-esque service in China. The malware found in these apps is named XcodeGhost because it infects apps through a malicious version of Apple’s Xcode.
This is obviously not the first time that malware has been found in App Store apps, but what is really surprising this time is the unusual way the malware gets injected into apps. Usually, developers purposely place malware into their apps to distribute it, but this time it is happening without the knowledge of the original developers, making this news even more shocking.
As mentioned above, XcodeGhost gets into apps through a malicious version of Apple Xcode, which is downloaded from Baidu. Chinese iOS/OS X developers often use this version instead of the most up-to-date version of the IDE available from Apple. Because the infection happens when the app is built, every app compiled with the modified Xcode carries the malicious code. This is undoubtedly a very advanced method of distributing the virus in iOS apps, and it makes it easy to understand how this malware managed to get injected into trusted and popular apps like WeChat.
Now, all of the files related to Xcode have been removed from Baidu’s servers after the company was alerted.
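For developers who obtained Xcode from somewhere other than Apple, one defensive check is to ask macOS Gatekeeper whether the installed copy is still signed by Apple. The shell script below is an added example, not part of the original article or the Palo Alto Networks report; the function names are hypothetical, and the accepted source values are the ones Apple has listed for genuine Xcode copies.

```shell
#!/bin/sh
# Added example: decide whether `spctl --assess --verbose` output describes
# an Xcode copy signed by Apple. Function names here are hypothetical.

# $1: combined stdout+stderr of spctl for one app bundle.
# Returns 0 only when Gatekeeper accepted the bundle AND the signing source
# is one Apple lists for genuine Xcode copies.
xcode_assessment_ok() {
    out=$1
    # Verdict line looks like "<path>: accepted" or "<path>: rejected".
    case "$out" in
        *": accepted"*) ;;
        *) return 1 ;;
    esac
    # Pull the value after "source=", trimming trailing whitespace.
    src=$(printf '%s\n' "$out" |
        sed -n 's/^.*source=\(.*[^[:space:]]\)[[:space:]]*$/\1/p' | head -n 1)
    case "$src" in
        "Mac App Store" | "Apple" | "Apple System") return 0 ;;
        *) return 1 ;;   # any other signer, or no source line at all
    esac
}

# Run the assessment on a real bundle (macOS only; spctl writes to stderr).
check_xcode() {
    bundle=${1:-/Applications/Xcode.app}
    out=$(spctl --assess --verbose "$bundle" 2>&1)
    if xcode_assessment_ok "$out"; then
        echo "OK: $bundle is signed by Apple"
    else
        echo "FAIL: $bundle is not an Apple-signed Xcode; reinstall from Apple"
        printf '%s\n' "$out"
        return 1
    fi
}

# Only call spctl where it exists, so the file is harmless elsewhere.
if command -v spctl >/dev/null 2>&1; then
    check_xcode "$@" || :
fi
```

A copy that Gatekeeper accepts but reports under any other signing source is treated as untrusted, since a repackaged IDE can be re-signed by whoever modified it.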
According to a report by Palo Alto Networks, XcodeGhost can be remotely controlled by the attacker to phish, take advantage of vulnerabilities in apps, or exploit the local system.
Other infected apps include Railway 12306 (the only official app in China to offer train tickets), and stock trading platforms like Tonghuashun, China Unicom Mobile Office, etc.
If you really thought that iOS is untouchable and cannot be harmed by malicious installations, you will probably want to change your opinion now. This news should come as a serious concern, and we should be more careful in the future!