Hundreds of millions of Apple users potentially affected by XcodeGhost malware
Malware incident represents first major breach of usually stringent Apple App Store security
Malware has infected hundreds of applications in the Apple App Store, potentially leaving hundreds of millions of users vulnerable to having their details stolen, in an incident that represents the first large-scale attack to affect the online store for iPhone, iPad and other iOS devices.
The incident threatens to tarnish Apple's reputation as the most trusted mobile ecosystem when it comes to security.
According to Palo Alto Networks' independent research body, Unit 42, a malware named XcodeGhost infected a number of Apple iOS apps in the App Store by installing fake Xcode tools.
The XcodeGhost malware is capable of stealing passwords, details and openURLs through infected app and is thought to have affected apps including messaging service WeChat
The incident represents the first reported case of large numbers of malicious software applications being able to bypass the usually strict review process of the Apple App Store. Prior to this attack, only a handful of malicious apps had previously been found in the iPhone and Ipad App Store.
Hackers embedded the malicious XcodeGhost into apps by somehow convincing developers of legitimate iOS applications to use a corrupted version of the Xcode software, allowing the malware to bypass security and become available to download from the App Store.
In a written statement, Apple said it's aware of the issue and has cleaned up the applications which are known to be distributing malware.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
However, Apple hasn't provided any information to iPhone and iPad users as to how they could determine whether they have been victims of the XcodeGhost malware.
Palo Alto Networks director of threat intelligence Ryan Olson said the infection of iOS apps on the App Store is "a pretty big deal" because it demonstrates that the Apple ecosystem is open to hackers and that it's those building the software who represent the main entry point for those looking to distribute malware.
"Developers are now a huge target," he said.
The developers of the WeChat application - thought to be one of the biggest targets of the XcodeGhost malware - have said they've already moved to fix the loophole.
"A security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5. This flaw has been repaired and will not affect users who install or upgrade WeChat version 6.2.6 or greater, currently available on the iOS App Store," the company said.
Earlier this month it was discovered how a new iOS malware family going by the name of "KeyRaider" has stolen more than 225,000 user account details.