ShortList is supported by you, our amazing readers. When you click through the links on our site and make a purchase we may earn a commission. Learn more

The Apps Affected By Apple's iOS Hack

The Apps Affected By Apple's iOS Hack

The Apps Affected By Apple's iOS Hack
21 September 2015

There's something rotten in Apple's core.

A piece of malware (nasty code that can ruin your phone's software or leave you open to security exploits) has managed to infiltrate Apple's usually faultless App Store.

The malware, dubbed XcodeGhost, is a twisted version of the XCode that app developers use to create software and apps for Apple phones.

It's thought that XcodeGhost was uploaded to a Chinese social media site, listed as a genuine copy of XCode, with several developers using the malware to build apps that unwittingly leave users' phones at risk from data theft and hacks. 

The majority of apps known to be affected originate in China, so there's little chance our UK readers will be running any of the following programmes identified by security experts Palo Alto networks... 

  • 网易云音乐 2.8.3 
  • 微信 6.2.5 
  • 讯飞输入法 5.1.1463 
  • 滴滴出行 4.0.0.6-4.0.0.0 
  • 滴滴打车 3.9.7.1 – 3.9.7 
  • 铁路12306 4.5 
  • 下厨房 4.3.2 
  • 51卡保险箱 5.0.1 
  • 中信银行动卡空间 3.3.12 
  • 中国联通手机营业厅 3.2 
  • 高德地图 7.3.8 
  • 简书 2.9.1 
  • 开眼 1.8.0 
  • Lifesmart 1.0.44 
  • 网易公开课 4.2.8 
  • 马拉马拉 1.1.0 
  • 药给力 1.12.1 
  • 喜马拉雅 4.3.8 
  • 口袋记账 1.6.0 
  • 同花顺 9.60.01 
  • 快速问医生 7.73 
  • 懒人周末 
  • 微博相机 
  • 豆瓣阅读 
  • CamScanner 
  • CamCard 
  • SegmentFault 2.8 
  • 炒股公开课 
  • 股市热点 
  • 新三板 
  • 滴滴司机 
  • OPlayer 2.1.05 
  • 电话归属地助手 3.6.5 
  • 愤怒的小鸟2 2.1.1 
  • 夫妻床头话 1.2 
  • 穷游 6.6.6 
  • 我叫MT 5.0.1 
  • 我叫MT 2 1.10.5 
  • 自由之战 1.1.0

However, Netherlands-based security company Fox-IT has been monitoring traffic around the malicious code, and has found sources of the XcodeGhost beyond the Chinese 'outbreak'. They've suggested the following apps could be infected:

  • Mercury
  • WinZip
  • Musical.ly
  • PDFReader
  • guaji_gangtai en
  • Perfect365
  • 网易云音乐
  • PDFReader Free
  • WhiteTile
  • IHexin
  • WinZip Standard
  • MoreLikers2
  • CamScanner Lite
  • MobileTicket
  • iVMS-4500
  • OPlayer Lite
  • QYER
  • golfsense
  • 同花顺
  • ting
  • installer
  • 下厨房
  • golfsensehd
  • Wallpapers10000
  • CSMBP-AppStore
  • 礼包助手
  • MSL108
  • ChinaUnicom3.x
  • TinyDeal.com
  • snapgrab copy
  • iOBD2
  • PocketScanner
  • CuteCUT
  • AmHexinForPad
  • SuperJewelsQuest2
  • air2
  • InstaFollower
  • CamScanner Pro
  • baba
  • WeLoop
  • DataMonitor
  • 爱推
  • MSL070
  • nice dev
  • immtdchs
  • OPlayer
  • FlappyCircle
  • 高德地图
  • BiaoQingBao
  • SaveSnap
  • WeChat
  • Guitar Master
  • jin
  • WinZip Sector
  • Quick Save
  • CamCard

There's currently no word on whether the malicious code is being exploited to pinch user data, nor any suggestions from Apple as to what users with the apps listed above should do to protect themselves - best try deleting them for now. 

Apple is aware of the issue though, and is resolving to remove the malware from its systems: "We've removed the apps from the App Store that we know have been created with this counterfeit software," said Apple spokeswoman Christine Monaghan. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."

(Image: Shutterstock)

[Via: Mirror, MacRumours]