iOS is safer than Android when it comes to malware attacks, but that doesn’t mean hackers aren’t successfully targeting the iPhone and iPad with malicious programs supposed to steal sensitive data. Usually, iOS malware reports explain that jailbroken devices are at risk, especially in Asian countries and that only a tiny fraction of Apple’s massive number of customers is affected. However, that’s not the case anymore.
A substantial security threat called XcodeGhost managed to fool App Store security and sneak into the App Store inside real App Store apps potentially affecting hundreds of millions of iPhone and iPad users on both stock and jailbroken devices. The one thing that’s common with recent iOS hacks is that the threat comes from China.
DON'T MISS: Apple Watch sales are about to explode, here’s why
Rather than trying to have malware apps accepted by Apple’s strict App Store approval team, smart hackers from China targeted the middleman instead. The hackers included malicious code in a customized version of Xcode – the tool developers use to package iOS apps – and made it available to developers in China. These unsuspecting devs went for it, choosing to download the unofficial Xcode release from untrusted servers in China, which were faster than Apple’s official download.
The developers then used the fake Xcode to work on their apps, including popular chat client WeChat that has some 600 million users. More than 50 apps containing XcodeGhost were accepted in the App Store.
The hack was discovered by security research company Palo Alto Networks, who worked with Apple on the issue. The company already told Reuters that it has removed the malicious apps from the App Store, and it’s working with developers to mitigate the problem.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple said. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
The company did not say how many apps it had to remove, or how many users might be at risk.