Apple's App Store suffered its first large-scale security breach as some of the most popular Chinese-developed apps were discovered to be carrying malicious software.
The applications were infected with malware dubbed XcodeGhost by researchers from Alibaba Mobile Security, the first security company to document the malware extensively, through posts on social media last week.
The affected apps for both the iPhone and iPad include mobile messaging app WeChat by Tencent Holdings, ride-sharing app Didi Kuaidi and a music app similar to Spotify by NetEase, an Internet portal. More than three dozen apps were discovered to be infected by the malware, according to Palo Alto Networks.
XcodeGhost was able to infiltrate the apps after software developers were tricked into using compromised versions of Xcode, Apple's developer toolkit. The hack took advantage of the impatience of software developers in China, where downloading the official version of Xcode takes a long time.
The hackers uploaded the compromised Xcode to a China-based server, claiming it offered faster downloads of the official toolkit. When developers downloaded the compromised version of Xcode and used it to build apps, those apps were automatically infected with XcodeGhost.
The compromised Xcode, which was hosted on Baidu's cloud service, has been taken down.
The apps infected by XcodeGhost were able to transmit data about the user's device, show fake alerts that could steal Apple iCloud passwords, and access the user's clipboard. The code could also access certain websites, which could infect the device with even more viruses.
"To protect our customers, we've removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," said Apple in a statement.
In statements, the companies behind the affected apps admitted that they were affected by the hack, but claimed that there was no leakage of sensitive customer data.
Ryan Olson, the director of threat intelligence for Palo Alto Networks, said that the firm traced no instances of data theft or other harm done by XcodeGhost, confirming the companies' statements. However, he said that the hack was a significant issue because it revealed the vulnerability of Apple's App Store if hackers infect the machines of app developers. This could lead to other hackers using the approach to launch attacks.