The iOS App Store has been seen as a relatively trustworthy source of software since it launched in 2008. But as hackers tend to do, they found a way to get their malicious apps into China’s version of the App Store.
By using an altered version of Apple’s development tool Xcode, they were able to slip malware-infected apps into the App Store. The problem began when developers downloaded an altered version of Xcode (named “XcodeGhost”) from third-party sites.
When the apps built with the modified version of Xcode were launched, they collected the phone’s name, UUID, language and country, current time, and network type. The data was then encrypted and sent to servers in order to be tracked by unknown sources.
The bigger issue is that these apps made it into Apple’s App Store in China. While only a handful of apps have made it through Apple’s strict review process, all it takes is one app with an aggressive piece of malware to destroy the trust customers have put in Apple.
Fortunately, the apps have only been seen in the App Store in China, so it should be fairly easy for Apple to fix the problem.
Developers should not be downloading their tools from random third-party sites. If you are a developer, download Apple’s developer tools directly from the Mac App Store or Apple’s developer portal.
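One way to check an Xcode copy that is already installed is to ask Gatekeeper where it came from. The script below is an added example, not part of the original article. It relies on macOS's `spctl --assess --verbose` and treats only the sources "Mac App Store", "Apple" and "Apple System" as valid for Xcode. The function names and the default install path are assumptions.

```shell
#!/bin/sh
# Added example: classify Gatekeeper's assessment of an Xcode bundle.
# Function names and the default path are hypothetical, chosen for illustration.

# Return 0 only if the spctl output says "accepted" AND names an Apple source.
# $1: combined output of `spctl --assess --verbose <path>`
xcode_assessment_ok() {
    output=$1
    # The verdict line must end in ": accepted" (a tampered copy shows "rejected").
    printf '%s\n' "$output" | grep -Eq ': accepted$' || return 1
    # Take the value of the first "source=" line, if there is one.
    source_line=$(printf '%s\n' "$output" | sed -n 's/^source=//p' | head -n 1)
    case "$source_line" in
        "Mac App Store"|"Apple"|"Apple System") return 0 ;;
        # A re-signed copy can be "accepted" yet carry some other source.
        *) return 1 ;;
    esac
}

# Run the assessment on a Mac and print the verdict.
check_xcode() {
    app=${1:-/Applications/Xcode.app}   # assumed default install location
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found (not macOS?)" >&2
        return 2
    fi
    # Capture both streams so the verdict is seen wherever spctl prints it.
    result=$(spctl --assess --verbose "$app" 2>&1)
    if xcode_assessment_ok "$result"; then
        echo "OK: $result"
    else
        echo "UNTRUSTED: $result" >&2
        return 1
    fi
}
```

On a Mac, source the file and run `check_xcode`, or pass the path of another Xcode bundle as the first argument. The assessment can take several minutes on a full Xcode install.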
Apple has not responded to any requests for comment about XcodeGhost and the infected apps.