We don’t hear it that often about iOS involving in apps hacks, malwares or viruses. However, the last weekend has witnessed the worst time of security breach ever in Apple history. What happened to be exact? Some (or many) of Chinese apps on the App Store have been attacked by a dangerous program carrying the code “XcodeGhost” hidden in their software. The malicious software was found first on Baidu, said to be accidentally embedded by Chinese developers for their apps. Unfortunately, “the ghost” made its ways to the App Store and started to attack other fellow apps over there. The XcodeGhost is reported to be doing harm to hundreds of millions of Apple users everywhere.

So what does the code do to your iPhones? Once it reaches your system, the XcodeGhost will collect your information set in the device and automatically send them to the servers. The list of information that it get from iPhone users is as below:

Current time
Current infected app’s name
The app’s bundle identifier
Current device’s name and type
Current system’s language and country
Current device’s UUID (Universally unique identifier)
Network type

Are you wondering why this is so dangerous and what can the code do with those information? Well, to make it as simple as possible: those user information is the key to open any door to your privacy. With those details, the code can totally send out fake alerts and fool users into revealing further personal figures. iPhone users may be tricked to enter their passwords to make changes on app. One of the most obvious damage the XcodeGhost can do is when you are on WeChat, all the information it has access to can easily get swapped around.

However, developers of WeChat have intervened very in time. They already updated the affected version (6.2.5) into the newer one (6.2.6), which is totally safe from affection. We highly recommend that you immediately delete your installed WeChat and download the later version if you haven’t done so yet.

Of course you can research further on other apps to find out whether their developers have done the same solution. Before deleting any app, don’t forget to backup your contact list and important information

Up to now, we have reported 77 apps in total that got caught with the malicious code. Apple immediately removed them all. However, for those you have already installed in your device, you need to manually delete it from your device to be safe from the XcodeGhost.

Here are the current updated list of the 77 affected apps. Most of them are used inside China. But just take a look if you happen to have any of them also:

(Source)

WeChat

The rest are in alphabetic order

1	Air 2
2	AmHexinForPad
3	Angry Birds 2
4	baba
5	BiaoQingBao
6	Cam Card
7	CamScanner
8	CamScanner Lite
9	CamScanner Pro
10	Card Safe
11	China Unicorn Mobile Office
12	CITIC Bank move card space
13	CSMBP-AppStore
14	CuteCUT
15	DataMonitor
16	Didi Chuxing
17	Eyes Wide
18	FlappyCircle
19	Flush
20	golfsense
21	Golfsensehd
22	Guitar Master
23	High German map
24	Himalayan
25	Hot stock market
26	IflyTek input
27	IHexin
28	immtdchs
29	InstaFollower
30	iOBD2
31	iVMS-4500
32	Jane book
33	jin
34	Lazy weekend
35	Lifesmart
36	Mara Mara
37	Medicine to force
38	Mercury
39	Micro Channel
40	Microblogging camera
41	MobileTicket
42	MoreLikers2
43	MSL070
44	MSL108
45	Musical.ly
46	NetEase
47	nice dev
48	Oplayer
49	OPlayer
50	Oplayer Lite
51	PDFReader
52	PDFReader Free
53	Perfect365
54	Pocket billing
55	PocketScanner
56	Quick asked the doctor
57	Quick Save
58	QYER
59	Railway 12306
60	SaveSnap
61	SegmentFault
62	snapgrab copy
63	Stocks open class
64	SuperJewelsQuest2
65	The driver drops
66	The Kitchen
67	Three new board
68	Ting
69	TinyDeal(dot)com
70	Wallpapers10000
71	Watercress reading
72	WeLoop
73	WhiteTile
74	WinZip
75	WinZip Sector
76	WinZip Standard