XcodeGhost: Major Security Breach at App Store
Apple’s App Store has experienced a major security breach in which the malware XcodeGhost gained access to apps. XcodeGhost creator convinced app developers to use a modified version of Xcode, software used to create Mac and iOS apps.
There are some famous apps affected including leading Chinese messaging app WeChat, Chinese Uber adversary Didi Chuxing and business card scanner CamCard. According to latest news malware affected only prior version of WeChat app and Chinese were quick to respond to the breach. FYI WeChat is used by more than 600 million people.
Apple spokesperson Christine Monaghan stated in the interview with Reuters, that:
We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.
Palo Alto Networks researched XcodeGhost and stated that malware was capable of initiating fake phishing dialogs, open links and read and write clipboard data. Latest statistics states that more than 39 apps are currently affected.