Skip to main content
  1. Home
  2. Mobile
  3. News

Apple cleans up iOS store after major malware security breach

By

iOS 9 Hands On
Malarie Gokey/Digital Trends
Although it has its detractors, Apple’s closed ecosystem has helped it to maintain strict control over its iOS App Store, with stringent checks working to eliminate malware from making it into the store.

In recent days, however, a number of security firms have uncovered the existence of infected iPhone apps in the iOS store in what looks to be the biggest security breach in the store’s seven-year history.

Security firm Palo Alto Networks (PAN) said it’d so far uncovered 39 infected apps “potentially impacting hundreds of millions of users” in multiple countries. It described the malicious software as “a very harmful and dangerous malware that has bypassed Apple’s code review and made unprecedented attacks on the iOS ecosystem.”

Related

PAN’s analysis of the malware revealed it’s capable of, for example, prompting fake phishing alerts to grab user credentials, as well as reading and writing data in the user’s clipboard, which could be used to obtain password information if such data is copied from a password management tool.

In a statement obtained by Reuters, Apple spokesperson Christine Monaghan said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software.”

Affected software includes leading Chinese messaging app WeChat and China-based Uber competitor Didi Kuaidi. WeChat said in a blog post the malware had been discovered in an earlier version of its app and so iOS users should ensure they have the latest malware-free version on their device.

It seems hackers targeted Chinese developers in their effort to get the malware into apps and onto the App Store. This was done by getting developers to use a tainted version of Apple’s app development tool, called Xcode.

Without realizing, developers using the tainted software, dubbed XcodeGhost, were incorporating malware into their apps before submitting them to the App Store. Apple’s own checking procedures failed to spot the malicious software, allowing infected apps into the App Store for iPhone, iPad, and iPod Touch users to download.

With Apple proud of its reputation for security when it comes to its iOS app store, the incident will be a matter of concern – and embarrassment – for the company. Apple said on Sunday it’s warning iOS developers to obtain Xcode only from its own site, rather than from third-party sources, which seems to have been the case here.

Editors’ Recommendations

Topics
Trevor Mogg
Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Apple just announced iPadOS 18. Here are the most exciting features
Home Screen of the M4 iPad Pro.

Apple’s Worldwide Developer Conference (WWDC) started today. This annual event is one of the biggest for Apple of the entire year, giving us an early look at the company's next software updates for its biggest products.

One of the many announcements at WWDC 2024 was iPadOS 18 — the next major software update for the iPad. The upcoming iPadOS 18 has a lot in common with iOS 18, and when it arrives on your iPad later this year, it'll be chock-full of new features for you to check out. Here's what's new.
Home screen, apps, and control center updates

Read more
iOS 18 may have a fun surprise for longtime iPhone fans
Apple iPhone 6S

If you’ve been a longtime iPhone user, you’ve probably seen every default wallpaper iOS has to offer — and you’ve likely had a few favorites that you miss. The good news is that, according to the latest news about Worldwide Developers Conference (WWDC) 2024, Apple is set to bring back many old-school wallpapers dating back to the early days of the Mac and iPhone.

“Apple’s devices are getting new wallpaper packs, including Mac versions that reference old-school icons and slogans,” said Bloomberg’s Mark Gurman in a report. “The iPhone wallpapers will have options that look similar to early ones on the phone.”

Read more
Here’s how iOS 18 will make iMessage better than ever
Close-up photo of the Messages app on an iPhone.

We can't wait for Apple's Worldwide Developers Conference (WWDC 2024) keynote on Monday, June 10. During that event, Apple will undoubtedly introduce iOS 18 for iPhones, including the iPhone 15 Pro. The rumor mill has long suggested that iOS 18 may be a giant iPhone update.

Now, Bloomberg's Mark Gurman has given us a peek at what changes could be coming to iMessage in the upcoming software update.

Read more