iLoungeiLounge
    Facebook Twitter Instagram YouTube LinkedIn RSS
    • About Us
    • Contact Us
    • Privacy Policy
    • Terms Of Use
    Facebook Twitter Instagram YouTube LinkedIn RSS
    iLoungeiLounge
    • News
      • Apple
        • AirPlay
        • iCloud
        • iTunes
        • HealthKit
        • HomeKit
        • HomePod
        • iOS 13
        • Apple Pay
        • Apple TV
        • Siri
      • AirPods Pro
      • Apps
        • Apple Music
      • Rumors
      • Humor
      • Technology
        • CES
      • Articles
      • Web Stories
    • iPhone
      • iPhone Accessories
    • iPad
    • iPod
      • iPod Accessories
    • Apple Watch
      • Apple Watch Accessories
    • Mac
      • MacBook Air
      • MacBook Pro
    • Reviews
      • App Reviews
    • How-to
      • Ask iLounge
    • Daily Deals
    iLoungeiLounge

    XcodeGhost malware infects hundreds of iOS and OS X apps

    By Dan PyeMay 14, 2021 3:18 pm UTC

    Apple is trying to rid the App Store of hundreds of apps containing a malicious program called XcodeGhost, Reuters reports. The flaw was brought to Apple’s attention by several cybersecurity firms last week, including Palo Alto Networks, which claims that popular apps like Angry Birds 2 and WeChat have been built with a counterfeit version of Xcode downloaded from Chinese servers. The malware’s primary function is to collect information stored on devices and upload that data to remote servers, but it has also been found to prompt fake alerts to phish for passwords from users, hijack opening specific URLs, and read and write data into the user’s clipboard, allowing the malware to read a user’s password if it is copied from a password management tool.

    Apple hasn’t commented on what iPhone and iPad users can do to determine which devices have been infected, but spokeswoman Christine Monaghan said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.” So far that list doesn’t include popular apps like Angry Birds 2 or WeChat, which are still available in the App Store as of Monday morning. Angry Birds maker Rovio has also made no mention if the XcodeGhost bug, making the app’s inclusion on the list even more baffling. Palo Alto Networks Director of Threat Intelligence Ryan Olson said the firm had uncovered no clear cases of data theft or harm as a result of the attack so far, but that the attack is significant because it proved the App Store’s security can be compromised by infecting the machines of software developers writing legitimate apps. The full list of affected apps published by Palo Alto Networks (including titles translated from Mandarin by Business Insider) is listed below:
    WeChat
    Didi Chuxing
    Angry Birds 2
    NetEase
    Micro Channel
    IFlyTek input
    Railway 12306
    The Kitchen
    Card Safe
    CITIC Bank move card space
    China Unicom Mobile Office
    High German map
    Jane book
    Eyes Wide
    Lifesmart
    Mara Mara
    Medicine to force
    Himalayan
    Pocket billing
    Flush
    Quick asked the doctor
    Lazy weekend
    Microblogging camera
    Watercress reading
    CamScanner
    CamCard
    SegmentFault
    Stocks open class
    Hot stock market
    Three new board
    The driver drops
    OPlayer
    Telephone attribution assistant
    Marital bed
    Poor tour
    I called MT
    I called MT 2
    Freedom Battle

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Dan Pye

    Dan Pye was a news editor at iLounge. He's been involved with technology his whole life, and started writing about it in 2009. He's written about everything from iPhone and iPad cases to Apple TV accessories.

    Latest News
    Turn Your iPad into a Mini Laptop with the Discounted Zagg Messenger Folio 2
    Apple Adds Original iPad Air and Thunderbolt Display to ‘Obsolete’ List
    Apple drops iPhone prices for China’s ‘618’ festival
    Apple TV+ Series ‘Lessons in Chemistry’ to debut October 13
    Airplane Mode: Its Purpose and Proper Use
    Smartify Your Home with the Discounted Meross Dual Outlet HomeKit Smart Plug
    2023 Swift Student Challenge Winners revealed
    Apple Music Classical launches on Android

    iLounge logo

    iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond. iPod, iPhone, iPad, iTunes, Apple TV, and the Apple logo are trademarks of Apple Inc.

    Contact Us: [email protected]

    Tel: +1302-208-9669

    iLounge, 2810 North Church Street, Wilmington, Delaware, 19802, United States.

    • Contact Us
    • Submit News
    • About Us
    • Forums
    • Privacy Policy
    • Terms Of Use
    This website is not affiliated with Apple Inc.
    iLounge © 2001 - 2023. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.