Apple lists the top 25 apps infected by XcodeGhost malware
Apple today refreshed its official XcodeGhost FAQ webpage, providing a list of 25 apps that are infected by the XcodeGhost malware. While more than 25 apps in the App Store are infected by this malware, the company says that the number of users of the remaining apps is comparatively small.
While the majority of the infected apps have already been updated to remove any traces of the malware, there are still some apps available in the Chinese App Store that are infected by it.
In addition to WeChat, one of the top messaging apps in the world, Rovio’s Angry Birds 2 and China Unicom’s Customer Service app, most of the listed apps are distributed on the Chinese App Store only.
Apple has pulled many of the infected apps and said it’s working closely with developers to get impacted apps back on the App Store.
The Cupertino firm underscores that after the top 25 impacted apps, the number of impacted users “drops significantly”.
The list of apps posted by Apple is as follows:
- 58 Classified
- Angry Birds 2
- Baidu Music
- Battle of Freedom
- Call Me MT 2
- CarrotFantasy
- CarrotFantasy 2
- China Unicom Customer Service
- Dark Dawn
- DiDi Travel
- DuoDuo Ringtone
- Encounter
- Flush
- Flush HD
- Foreign Harbor
- Gaode Map
- Heroes of Order & Chaos
- Himalaya FM
- I Like Being With You
- Let’s Cook
- Miraculous Warmth
- NetEase Music
- One Piece
- Railroad 12306
Apple has since provided instructions for developers to check if their Xcode copy has been tampered with and has promised to soon offer local Xcode downloads in China in order to minimize exposure to the malware.
“We’re working to make it faster for developers in China to download Xcode betas,” said the firm.
Trojanized apps have been found to send usage data collected from infected devices to the cloud, much like many advertising networks do. XcodeGhost can also pop up a custom alert box, but cannot accept input from the user.
However, the malware is capable of opening arbitrary URLs, which can be a problem as these URLs can contain phishing webpages for stealing credentials for services like Apple ID, Facebook, eBay, PayPal and more, or forward users to an enterprise-signed malicious app that can be installed on non-jailbroken devices.