After the recent spree of malware infections on its devices via a group of apps on the App Store, Apple has finally compiled and made public a list of the top 25 iOS apps infected with malware as a result of XcodeGhost.
For those who haven’t quite been following the whole affair, Xcode is part of the IDE package Apple provides to programmers through its official website for iOS app development. Unsuspecting developers sometimes choose to download the tools from unofficial sources instead, because the official site offers somewhat slower download speeds. What they do not realise is that giving up the authenticity Apple guarantees for its IDEs in exchange for a faster download is not always the brightest idea.
That is what happened here too. App developers, particularly from China, downloaded a malware-infected version of Xcode from alternate sources. The apple doesn’t fall far from the tree, however: the developers coding away at their apps were unaware that the programs they were building were also infected with malware, courtesy of the compromised, unofficial version of Xcode.
So there you have it: all the applications produced using XcodeGhost are similarly infected with malware. Thankfully, though, the malware doesn’t appear to be particularly dangerous and, according to Apple, no real damage has been inflicted.
“We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used. We’re not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords.”
Also, because the leak was discovered relatively quickly, Apple has gone into damage control mode and identified and removed the affected apps from the App Store. As per the company:
“We have removed the apps from the App Store that we know have been created with this counterfeit software and are blocking submissions of new apps that contain this malware from entering the App Store. We’re working closely with developers to get impacted apps back on the App Store as quickly as possible for customers to enjoy.”
If you have already downloaded one of these apps, don’t panic. Simply updating it via the App Store should take care of the problem.
The company has also issued guidelines to developers along with safe development practices, and seems pretty keen to work hand in glove with them (“We’re working to make it faster for developers in China to download Xcode betas”), but the damage has certainly been done. This is probably the first time that an attack of this magnitude has been carried out, and it serves to show that as strong as the iOS security systems may be, they are not infallible. I shudder to think of the state of things had the malware been more lethal.
However, all is well that ends well. The situation has been brought under control now and top brains at Apple are probably already at work, pondering over steps that may ensure that a repeat of such an event does not occur in the future.