Here are the top 25 iOS apps infected with malware by XcodeGhost

As previously noted, most of the apps are from developers in China, and the issue is being resolved. Still, it might be a while before Apple again touts the security and safety of iOS apps.


Apple on Thursday shared a list of the top 25 iOS apps infected with malware as a result of Xcode Ghost.

As previously noted most of the titles are from China-based developers since that's where programmers installed a modified version of Apple's Xcode IDE in lieu of the official version.

The unofficial edition contained methods that nefariously injected malware code into compiled iOS apps, which were then made available through the Apple App Store.

Aside from the new FAQ post from Apple, the company has asked developers to validate their version of Xcode to prevent future apps from containing malware.

Some developers -- most notably, WeChat -- quickly patched their iOS apps to reduce further spreading of the problem. That helps, provided users have enabled automatic updates on their iPhones and iPads.

Indeed, WeChat topped the list of 25 apps Apple has pointed out, which contains games, utilities and other software including an Angry Birds 2 clone.

In terms of impact, Apple says there isn't much:

"We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used. We're not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords."

Either way, it's a black eye for the company which prides itself for the level of control, safety and security of software that gets installed on iOS devices.

And it becomes a bit more difficult for Apple in the future to tout how secure iOS is relative to other mobile platforms. I'd say that it is much more controlled than the Google Play Store but Apple might not want to make the comparison any time soon. It would run the risk of having this entire XcodeGhost issue be brought up again in conversation.