How Apple Is Making Sure Developers Don't Fall Victim to XcodeGhost Malware
Apple has posted a list of apps compromised by the counterfeit software.
— -- Following the unprecedented discovery of some malware-infected apps in Apple's Chinese App Store, the company swiftly removed the affected apps that were built using a counterfeit software. Apple today is naming the top 25 apps that were found to include the counterfeit code called XcodeGhost.
In an update to its Chinese website, Apple said there has been no evidence to suggest the code has compromised users' personally identifiable information and said it appeared the code was only able to transmit basic information about apps and systems.
Even still, the company listed the top 25 apps that it said were found to contain the malicious code. Many of the apps have been updated and are back in action, including several popular chatting apps, games and a ride-hailing service.
The discovery of malware in Apple's App Store is unprecedented for the company, which subjects apps to a stringent review process before publishing them in the App Store. It appears hackers exploited the tendency of Chinese developers to use Xcode from local servers since it can be faster to download.
Apple also said it is working to make it faster for developers in China to download authentic Xcode instead of turning to other versions that could potentially be compromised. Apple also posted steps for developers to take to ensure they're running a trusted version.
In a statement to ABC News on Monday, an Apple representative said the fake code was posted online by "untrusted sources."
"Apple takes security very seriously and iOS is designed to be reliable and secure from the moment you turn on your device. We offer developers the industry’s most advanced tools to create great apps," Apple said in the statement.
"A fake version of one of these tools was posted by untrusted sources which may compromise user security from apps that are created with this counterfeit tool. To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps," Apple said.
Related Stories
ABC News Live