Apple has spoken about malware XcodeGhost and claimed they have removed the infected apps from the App Store. The company is now working with Alibaba and Palo Alto to resolve the issue.
We have been hearing the news of the App Store being infected. The news has been doing the rounds for quite some time now, and the company has finally spoken about the issue. On Sunday, Apple confirmed that a tool that software developers use for the company’s devices was not just copied but also modified by the hackers. They just didn’t stop there. The hackers went one step ahead and put a bad code into the App Store apps.
Commenting on the issue, Christine Monaghan, an Apple spokeswoman, said, “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software.”
Palo Alto Networks, an online security company that is looking into the matter, also commented on the issue. In a blog post, the company said that in one of the analysis, they found out that XcodeGhost has embedded a malicious code which “uploads device information and app information to its command and control (C2) server.”
Palo Alto also explained how the virus works. Once the user downloads an infected app, the code opens websites that are designed to infect Apple devices with more viruses. Pop-up screens then open asking users for information like passwords. “Since the dialogue is a prompt from the running application, the victim may trust it and input a password without suspecting foul play,” the company further added.
Till now, 40 apps have been infected. And the list includes a number of popular apps like WeChat, an app that has over 500 million users. CamCard is another app that has been infected. China is one of the countries that is most-affected by XcodeGhost. Palo Alto, Apple and Alibaba are now working together towards resolving the issue.