A malicious version of Xcode obtained through Baidu set the wheels in motion for the spread of the malware
Malware that infects iOS apps through a malicious version of Apple’s Xcode has led to the discovery of at least 39 infected apps in the Apple App Store. Among the affected apps are the extremely popular Chinese messaging app WeChat and the ride-sharing app Didi Chuxing. The latter is the most popular Uber-esque service in China.
Past viruses on iOS were placed inside an app by its developer, who created and published it in the App Store to purposely create havoc. This malware, by contrast, enters an app without the knowledge of its developer. Since a rogue version of Xcode was used in this endeavor, the malware itself is being called XcodeGhost.
Chinese iOS/OS X developers apparently downloaded the malicious version of Xcode from Baidu instead of using the most up-to-date version of the IDE available from Apple. The infected version of Xcode has since been removed from Baidu. According to a report by Palo Alto Networks, the attacker can use XcodeGhost to phish remotely, or to take advantage of vulnerabilities in apps and the local system.
Other infected apps include Railway 12306, the only official app in China to offer train tickets. Stock trading platform Tonghuashun and China Unicom Mobile Office are also infected. You can check out all of the malware-infected titles by clicking on the source link.
source: PaloAltoNetworks via RedmondPie