Apple says identified malicious applications which circumvented the iOS App Store's security protocols have been removed to protect mobile users.
As previously reported by ZDNet, the first successful cyberattack launched against the iPad and iPhone maker's mobile app store is due to fraudulent versions of XCode, Apple's integrated development environment (IDE) and software library used to develop iOS and OS X apps.
The company's security team said the hackers behind the attack took a novel approach to dupe the App Store's processes.
When XCode was hosted on third-party servers rather than an official Apple domain, some versions would include hidden changes which allowed for the download and execution of malware. This, in turn, was able to bypass Apple's strict security checks.
The modified version has been dubbed XCodeGhost.
The Cupertino, California-based company and Palo Alto Networks are working together to scrub the App Store clean of malware-laden applications.
"We've removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
Known infected applications include an old version of WeChat -- which has since been cleaned and upgraded -- and China-related IM systems, banking apps, maps, stock trading apps and games, as well as China Unicom Mobile Office and Railway 12306, which is the only official way to buy train tickets in China.
Prior to this scenario, only five malicious applications have been discovered in the Apple iOS App Store.