comscore Apple’s App Store hit by XcodeGhost, here is everything you need to know about the malware
News

Apple’s App Store hit by XcodeGhost, here is everything you need to know about the malware

According to Palo Alto Networks, the attackers can send commands to the infected apps to perform actions such as – create a fake alert dialogue to acquire sensitive user information such as usernam

apple-app-store-app-prices

A week after Apple started seeding iOS 9; its App Store has been hit by a malware for the first time ever. The malware called XcodeGhost is said to have affected more than 39 iOS apps mostly targeted at the Chinese market. The folks at Palo Alto Networks have shed some light on how the malware functions and just how dangerous it is. Also Read - PUBG New State receives over 17 million pre-registrations as closed alpha testing ends

What is XcodeGhost? Also Read - iPhone selling in LG stores? Apple is apparently in talks for a new deal 

The malware dupes developers into using an infected version of Xcode, Apple’s official software development tool for developing OS X and iOS apps. The infected Xcode was uploaded on Baidu, and was unknowingly downloaded by some Chinese iOS developers. The iOS apps compiled by the modified Xcode got infected thereby giving hackers access to sensitive data. Also Read - Apple CEO Tim Cook claims iOS is more secure than Android

How dangerous is it?

The malware is said to have affected both stock and jailbroken iOS devices, including the iPhone, the iPad and the iPod Touch. The infected apps can log information about your device, and then upload this data on attackers’ command and control server. The hackers get access to the infected app’s name, current time, name and type of device, system language and country, network type, UUID of the device and the app bundle identifier.

According to Palo Alto Networks, the attackers can send commands to the infected apps to perform actions such as – create a fake alert dialogue to acquire sensitive user information such as usernames, passwords and credit card details. Attackers can also remotely open specific URLs that could allow them to exploit vulnerabilities into the system or other apps.

How many users are affected?

While Apple hasn’t revealed an official number, around 40 iOS apps are said to have been affected. With popular apps like WeChat and CamScanner in the list, this vulnerability potentially affects over 500 million iOS users in Asia-Pacific region. WeChat though has since issued a fix for the infected version.

How to protect your iOS devices?

While there is no way to detect whether or not your iPhone / iPad is infected, you can uninstall the affected apps from your device. It will also be wise to reset your iCloud password and all other passwords that you’ve put on your iOS devices.

Regarding this vulnerability, an Apple spokesperson issued a formal statement to the Reuters, “We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

The infected apps are listed in the table below:

WeChat PDFReader CamScanner CamCard Guitar Master
Mercury Musical.ly Perfect365 Guaji_gangtai en WhiteTile
WinZip Standard MoreLikers2 MobileTicket iVMS-4500 OPlayer Lite
Golfsense Wallpaper10000 CSMBP MSL 108 ChinaUnicom3.x
Snapgrab copy CuteCUT PocketScanner SuperJewelsQuest2 Air2
Baba WeLoop DataMonitor MSL070 FlappyCircle
BiaoQingBao QuickSave Jin OPlayer Nicedev
WinZip Immtdchs WinZip Sector TinyDeal.com InstaFollower
QYER IHexin
For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: September 21, 2015 1:46 PM IST
  • Updated Date: September 21, 2015 1:59 PM IST



new arrivals in india

Infinix Note 10 Pro
Infinix Note 10 Pro

16,999

Infinix Note 10
Infinix Note 10

10,999

Vivo Y73
Vivo Y73

20,990

OnePlus Nord CE 5G
OnePlus Nord CE 5G

22,999

iQOO Z3
iQOO Z3

19,990

Realme C25s
Realme C25s

9,999

Poco M3 Pro 5G
Poco M3 Pro 5G

13,999

Realme X7 Max 5G
Realme X7 Max 5G

26,999

Oppo F19
Oppo F19

18,990

Motorola Moto G40 Fusion
Motorola Moto G40 Fusion

13,999

POCO M2 Reloaded
POCO M2 Reloaded

9,499

OPPO A74 5G
OPPO A74 5G

17,990

Oppo A53s 5G
Oppo A53s 5G

14,990

Vivo V21 5G
Vivo V21 5G

29,990

Realme C25
Realme C25

9,499

Realme C21
Realme C21

7,999

Realme C20
Realme C20

6,799

Motorola Moto G60
Motorola Moto G60

17,999

iQOO 7
iQOO 7

31,990

Samsung Galaxy M42 5G
Samsung Galaxy M42 5G

21,999

Xiaomi Mi 11 Ultra
Xiaomi Mi 11 Ultra

69,999

Xiaomi Mi 11X Pro 5G
Xiaomi Mi 11X Pro 5G

39,999

Xiaomi Mi 11X
Xiaomi Mi 11X

29,999

Realme 8 5G
Realme 8 5G

13,999

Samsung Galaxy F02s
Samsung Galaxy F02s

8,999

Samsung Galaxy F12
Samsung Galaxy F12

10,999

POCO X3 Pro
POCO X3 Pro

18,999

Realme 8 Pro
Realme 8 Pro

17,999

Realme 8
Realme 8

14,999

Vivo X60 Pro Plus
Vivo X60 Pro Plus

69,990

Vivo X60 Pro
Vivo X60 Pro

49,990

Vivo X60
Vivo X60

37,990

OnePlus 9 Pro 5G
OnePlus 9 Pro 5G

64,999

OnePlus 9R 5G
OnePlus 9R 5G

39,999

OnePlus 9 5G
OnePlus 9 5G

49,999

Samsung Galaxy A72
Samsung Galaxy A72

34,999

Samsung Galaxy A52
Samsung Galaxy A52

26,499

Micromax In 1
Micromax In 1

10,499

Asus ROG Phone 5
Asus ROG Phone 5

49,999

Samsung Galaxy M12
Samsung Galaxy M12

10,999

Motorola Moto G30
Motorola Moto G30

10,999

Motorola Moto G10 Power
Motorola Moto G10 Power

9,999

Oppo F19 Pro Plus 5G
Oppo F19 Pro Plus 5G

25,990

Oppo F19 Pro
Oppo F19 Pro

21,490

Xiaomi Redmi Note 10 Pro Max
Xiaomi Redmi Note 10 Pro Max

18,999

Xiaomi Redmi Note 10 Pro
Xiaomi Redmi Note 10 Pro

15,999

Xiaomi Redmi Note 10
Xiaomi Redmi Note 10

11,999

Realme Narzo 30A
Realme Narzo 30A

8,999

Realme Narzo 30 Pro
Realme Narzo 30 Pro

16,999

Infinix Smart 5
Infinix Smart 5

7,199

Samsung Galaxy F62
Samsung Galaxy F62

23,999

Samsung Galaxy A12
Samsung Galaxy A12

12,999

Nokia 5.4
Nokia 5.4

13,999

Nokia 3.4
Nokia 3.4

11,999

Realme X7 Pro 5G
Realme X7 Pro 5G

29,999

Realme X7
Realme X7

19,999

Vivo Y31
Vivo Y31

16,490

Oppo Reno5 Pro 5G
Oppo Reno5 Pro 5G

35,990

Samsung Galaxy S21 Ultra 5G
Samsung Galaxy S21 Ultra 5G

1,05,999

Samsung Galaxy S21 Plus 5G
Samsung Galaxy S21 Plus 5G

81,999

Samsung Galaxy S21 5G
Samsung Galaxy S21 5G

69,999

Vivo Y12s
Vivo Y12s

9,990

Vivo Y51A
Vivo Y51A

17,990

Samsung Galaxy M02s
Samsung Galaxy M02s

8,999

Xiaomi Mi 10i
Xiaomi Mi 10i

21,999

Oppo A15s
Oppo A15s

11,490

Tecno Spark 6 Go
Tecno Spark 6 Go

8,499

Vivo V20 2021
Vivo V20 2021

24,990

Vivo Y20A
Vivo Y20A

11,490

Xiaomi Redmi 9 Power
Xiaomi Redmi 9 Power

11,999

Motorola Moto G9 Power
Motorola Moto G9 Power

11,999

Motorola Moto G 5G
Motorola Moto G 5G

20,999

Vivo V20 Pro
Vivo V20 Pro

29,990

Xiaomi Mi 10T
Xiaomi Mi 10T

35,999

Xiaomi Redmi 9i
Xiaomi Redmi 9i

8,299

Xiaomi Mi 10T Pro
Xiaomi Mi 10T Pro

39,999

Infinix Hot 10
Infinix Hot 10

9,999

Vivo V20 SE
Vivo V20 SE

20,990

Vivo V20
Vivo V20

24,990

Micromax In 1b
Micromax In 1b

6,999

Micromax In Note 1
Micromax In Note 1

10,999

OnePlus 8T
OnePlus 8T

42,999

Samsung Galaxy F41
Samsung Galaxy F41

15,499

Apple iPhone 12 Pro Max
Apple iPhone 12 Pro Max

1,29,900

Apple iPhone 12 Pro
Apple iPhone 12 Pro

1,19,900

Apple iPhone 12 Mini
Apple iPhone 12 Mini

69,900

Apple iPhone 12
Apple iPhone 12

79,900

Poco X3
Poco X3

16,999

Realme Narzo 20A
Realme Narzo 20A

8,499

Realme Narzo 20
Realme Narzo 20

10,499

Realme Narzo 20 Pro
Realme Narzo 20 Pro

13,999

Oppo F17
Oppo F17

16,990

Samsung Galaxy M51
Samsung Galaxy M51

22,999

Poco M2
Poco M2

10,999

Oppo F17 Pro
Oppo F17 Pro

22,990

Realme 7 Pro
Realme 7 Pro

19,999

Realme 7
Realme 7

14,999

Best Sellers