Bengaluru: Apple said the WeChat messaging app and car-hailing app DiDi Taxi were among the 25 most popular apps that were found to be infected with malicious software, the first-ever large-scale attack on its App Store.
The company had not previously disclosed which apps had been affected, although many had been identified by third parties.
Apple said on Sunday it was cleaning up its App Store after several cybersecurity firms reported that unknown hackers had embedded a malware, dubbed XcodeGhost, in hundreds, possibly thousands, of Chinese apps.
"We have no information to suggest that the malware has been used to do anything malicious," Apple said in its XcodeGhost Q&A Web page on Thursday.
Other infected apps include Baidu's Baidu Music app, a music app from Internet portal NetEase and the 58 Classified-Job, Used Cars, Rent app.
Tencent Holdings Ltd owns WeChat.
This is the first reported case of large number of malicious software programs making their way past Apple's stringent app review process.
Cyber security firm FireEye said earlier this week that the security breach was much bigger than previously thought, affecting more than 4,000 apps on the App Store, compared with the earlier estimate of 39.
Prior to this attack, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks.
Apple said on Thursday it was working with developers to get the apps back on the App Store and was blocking new apps that contained the malware.
The company also said some of the affected apps could be fixed through updates.
The hackers targeted the App Store using a counterfeit version of Xcode "toolkit", Apple's app-building software.
Many Chinese app developers downloaded the tainted software kit instead of the original one because of the slow download speeds from Apple's official servers located overseas.
Apple said it was working to make Xcode faster for Chinese developers to download.
Here's a list of the top 25 apps hit by malware in Apple's Chinese App Store.
- DiDi Taxi
- 58 Classified – Job, Used Cars, Rent
- Gaode Map – Driving and Public Transportation
- Railroad 12306
- Flush
- China Unicom Customer Service (Official Version)*
- CarrotFantasy 2: Daily Battle*
- Miraculous Warmth
- Call Me MT 2 – Multi-server version
- Angry Bird 2 – Yifeng Li’s Favorite*
- Baidu Music – A Music Player that has Downloads, Ringtones, Music Videos, Radio, and Karaoke
- DuoDuo Ringtone
- NetEase Music – An Essential for Radio and Song Download
- Foreign Harbor – The Hottest Platform for Oversea Shopping*
- Battle of Freedom (The MOBA mobile game)
- One Piece – Embark (Officially Authorized)*
- Let's Cook – Receipes [sic]
- Heroes of Order & Chaos – Multiplayer Online Game*
- Dark Dawn – Under the Icing City (the first mobile game sponsored by Fan BingBing)*
- I Like Being With You*
- Himalaya FM (Audio Book Community)
- CarrotFantasy*
- Flush HD
- Encounter – Local Chatting Tool
Comments
0 comment