Apple isn’t usually on the receiving end of hacks, malwares and viruses; not often at least. Though, the iOS App Store, has relatively been safe, recently Chinese developers have inadvertently implanted a spoofed version of the Xcode software that’s used by Apple on some of their apps.
The XcodeGhost file was uploaded on Baidu, a site that serves as a file sharing platform; unaware of this, some Chinese developers accidentally used the malware-embedded code for their apps, hence the malicious code making its way on to the App Store.
So how dangerous is this code? Well what it sets out to do is to collect user information on their devices and send them out to their servers. The information it collects include:
Current infected app’s name
The app’s bundle identifier
Current device’s name and type
Current system’s language and country
Current device’s UUID (Universally unique identifier)
Why would they need information like that? To put it shortly, the code needs it so it can fake alerts to trick you to reveal personal data or read and change any information on your copy clipboards – including password management apps. It’ll pose an indefinite risk to those who use WeChat, as a lot of information gets swapped around on the instant messaging app.
Just be sure to remove the apps mentioned below, but in terms of fixes the developers of WeChat have updated it from the affected 6.2.5 to the current (unaffected) version 6.2.6; an update that removed the malicious code. As a precaution, we suggest you remove WeChat and then install the newest version – just be sure to backup your chat logs first.
You can do so by following these steps:
Me > Settings > General > Chat Log Migration> Cloud Migration
After being informed, Apple has since removed apps that were infected, though users who’ve installed them before, still have to delete the infected apps on their devices. While most of the 77 apps are mainly used by people living in China, there are still some apps that are widely used by users around the world.
The following lists the apps that were affected by the XcodeGhost hack:
Angry Birds 2
CITIC Bank move card space
China Unicorn Mobile Office
High German map
Medicine to force
Quick asked the doctor
Stocks open class
Hot stock market
Three new board
The driver drops