Apple is trying to rid the App Store of hundreds of apps containing a malicious program called XcodeGhost, Reuters reports. The flaw was brought to Apple’s attention by several cybersecurity firms last week, including Palo Alto Networks, which claims that popular apps like Angry Birds 2 and WeChat have been built with a counterfeit version of Xcode downloaded from Chinese servers.
The malware’s primary function is to collect information stored on devices and upload that data to remote servers, but it has also been found to prompt fake alerts to phish for passwords from users, hijack opening specific URLs, and read and write data into the user’s clipboard, allowing the malware to read a user’s password if it is copied from a password management tool.
Apple hasn’t commented on what iPhone and iPad users can do to determine which devices have been infected, but spokeswoman Christine Monaghan said, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software.
We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.” So far that list doesn’t include popular apps like Angry Birds 2 or WeChat, which are still available in the App Store as of Monday morning. Angry Birds maker Rovio has also made no mention if the XcodeGhost bug, making the app’s inclusion on the list even more baffling.
