Apple withdraws some China apps after malware found

Apple Inc. says it has removed some applications from its App Store after they were found to contain malicious software in an unusual security breach.

The company on Monday blamed the breach on the use by some developers of a fake version of a software tool that was posted on Chinese websites and included the malicious software.

Apps compiled using the tool allow the attackers to steal data about users and send it to servers they control.

Tencent Ltd., operator of the popular WeChat social media service, said its software was affected and the company released a new version after its security researchers found the malicious code.

The BBC reports:

Cybersecurity firm Palo Alto Networks – which has analysed the malware dubbed XcodeGhost – said the perpetrators would also be able to send fake alerts to infected devices to trick their owners into revealing information.

It added they could also read and alter information in compromised devices’ clipboards, which would potentially allow them to see logins copied to and from password management tools.

In an update on its blog, WeChat said the malware did not affect older versions of the app, and that the “flaw has been repaired and will not affect users who install or upgrade WeChat version 6.2.6 or greater, currently available on the iOS App Store”.

Other apps affected included popular apps used to book train tickets, stock trading apps, and popular ride-hailing app Didi Kuaidi.

The emergence of such a large scale attack on Apple’s App Store comes as something of an embarrassment for the California tech giant, which goes to great lengths to keep the store and the apps sold on it secure.

Additional reporting from Associated Press