Apple combats cyberattack, begins iOS App Store scrub

The tech giant is cleaning house after at least 39 popular iOS apps were found to place users at risk of exploit.


Apple says it has removed the malicious applications it identified, which had circumvented the iOS App Store's security protocols, to protect mobile users.

As previously reported by ZDNet, the first successful cyberattack launched against the iPad and iPhone maker's mobile app store is due to fraudulent versions of Xcode, Apple's integrated development environment (IDE) and software library used to develop iOS and OS X apps.

At least 48 apps installed by millions of Apple device owners include malware, according to a Palo Alto Networks report.

The company's security team said the hackers behind the attack took a novel approach to dupe the App Store's processes.

When Xcode was hosted on third-party servers rather than an official Apple domain, some versions would include hidden changes which allowed for the download and execution of malware. This, in turn, was able to bypass Apple's strict security checks.

The modified version has been dubbed XcodeGhost.

The Cupertino, California-based company and Palo Alto Networks are working together to scrub the App Store clean of malware-laden applications.

An Apple spokesman told sister site CNET:

"We've removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."

Known infected applications include an old version of WeChat -- which has since been cleaned and upgraded -- and China-related IM systems, banking apps, maps, stock trading apps and games, as well as China Unicom Mobile Office and Railway 12306, which is the only official way to buy train tickets in China.

Prior to this scenario, only five malicious applications had been discovered in the Apple iOS App Store.

Jens Monrad, Systems Engineer at FireEye, told ZDNet:

"This of course puts the end user at risk and therefore all people who can freely download apps from the App Store including enterprise users.

It can also be used by cyber criminals to test the waters of Apple's security programs and as they were able to bypass it, they might try other methods where they include similar tools like Xcode."
