Skip to main content
  1. Home
  2. Mobile
  3. News

Apple cleans up iOS store after major malware security breach

By

iOS 9 Hands On
Malarie Gokey/Digital Trends
Although it has its detractors, Apple’s closed ecosystem has helped it to maintain strict control over its iOS App Store, with stringent checks working to eliminate malware from making it into the store.

In recent days, however, a number of security firms have uncovered the existence of infected iPhone apps in the iOS store in what looks to be the biggest security breach in the store’s seven-year history.

Recommended Videos

Security firm Palo Alto Networks (PAN) said it’d so far uncovered 39 infected apps “potentially impacting hundreds of millions of users” in multiple countries. It described the malicious software as “a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem.”

PAN’s analysis of the malware revealed it’s capable of, for example, prompting fake phishing alerts to grab user credentials, as well as reading and writing data in the user’s clipboard, which could be used to obtain password information if such data is copied from a password management tool.

In a statement obtained by Reuters, Apple spokesperson Christine Monaghan said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software.”

Affected software includes leading Chinese messaging app WeChat and China-based Uber competitor Didi Kuaidi. WeChat said in a blog post the malware had been discovered in an earlier version of its app and so iOS users should ensure they have the latest malware-free version on their device.

It seems hackers targeted Chinese developers in their effort to get the malware into apps and onto the App Store. This was done by getting developers to use a tainted version of Apple’s app development tool, called Xcode.

Without realizing, developers using the tainted software, dubbed XcodeGhost, were incorporating malware into their apps before submitting them to the App Store. Apple’s own checking procedures failed to spot the malicious software, allowing infected apps into the App Store for iPhone, iPad, and iPod Touch users to download.

With Apple proud of its reputation for security when it comes to its iOS app store, the incident will be a matter of concern – and embarrassment – for the company. Apple said on Sunday it’s warning iOS developers to obtain Xcode only from its own site, rather than from third-party sources, which seems to have been the case here.

Editors' Recommendations

Topics
Trevor Mogg
Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Arc Search, one of the best iPhone apps right now, just got even better
Arc Search's Call Arc feature.

One of our favorite iPhone browser apps has just introduced an interesting new feature. Arc Search’s new "Call Arc" tool functions similarly to making a phone call on your iPhone 15 Pro or other iPhone. Instead of speaking to someone on the other end of the line, though, you ask Arc to answer your queries. The outcome is fresh and unique, and it actually works really well.

Before its latest software update, Arc Search already offered a voice search feature. The AI-powered Call Arc is different and designed for people on the go who are looking for quick answers to short questions.

Read more
Here are the 7 new emoji coming to your iPhone with iOS 18
2024 emoji.

It's that time of year again! The Unicode Consortium has released a preview of new emoji that will likely be included in a version of iOS 18 later this year or early next year. It will be up to Apple to officially add them to the next iOS, iPadOS, watchOS, macOS, and visionOS versions.

The new emoji announced today include ones for a sleepy face, fingerprint, leafless tree, vegetable root, harp, shovel, and splatter. The emoji examples provided by Unicode serve as starting points for Apple designers to create finished designs and are not the final images Apple will use. Google and other platform users will also work with these emoji as a starting point.

Read more
Emulators have changed the iPhone forever
Street Fighter emulated on an iPhone.

The iPhone App Store is finally home to a few emulators. For folks not into gaming, an emulator is software that allows you to run code from another platform. In this case, we are talking about emulators that let you play titles from retro game consoles (such as the Game Boy Advance) by taking the code installed on hardware (like a cartridge) and letting it run via apps on non-native machines (such as iPhones and iPads).

It seems fans have kept their eyes on this landmark development. Soon after its release, the Delta emulator app climbed to the top of the App Store download charts in 35 countries. An iPad app is already on its way. The momentum continued with the release of the Gamma emulator for PlayStation 1 titles. And last week, PPSSPP – arguably the best mobile emulator out there – landed on the App Store.

Read more