We don’t hear it that often about iOS involving in apps hacks, malwares or viruses. However, the last weekend has witnessed the worst time of security breach ever in Apple history. What happened to be exact? Some (or many) of Chinese apps on the App Store have been attacked by a dangerous program carrying the code “XcodeGhost” hidden in their software. The malicious software was found first on Baidu, said to be accidentally embedded by Chinese developers for their apps. Unfortunately, “the ghost” made its ways to the App Store and started to attack other fellow apps over there. The XcodeGhost is reported to be doing harm to hundreds of millions of Apple users everywhere.
So what does the code do to your iPhones? Once it reaches your system, the XcodeGhost will collect your information set in the device and automatically send them to the servers. The list of information that it get from iPhone users is as below:
Current time
Current infected app’s name
The app’s bundle identifier
Current device’s name and type
Current system’s language and country
Current device’s UUID (Universally unique identifier)
Network type
Are you wondering why this is so dangerous and what can the code do with those information? Well, to make it as simple as possible: those user information is the key to open any door to your privacy. With those details, the code can totally send out fake alerts and fool users into revealing further personal figures. iPhone users may be tricked to enter their passwords to make changes on app. One of the most obvious damage the XcodeGhost can do is when you are on WeChat, all the information it has access to can easily get swapped around.
However, developers of WeChat have intervened very in time. They already updated the affected version (6.2.5) into the newer one (6.2.6), which is totally safe from affection. We highly recommend that you immediately delete your installed WeChat and download the later version if you haven’t done so yet.
Of course you can research further on other apps to find out whether their developers have done the same solution. Before deleting any app, don’t forget to backup your contact list and important information
Up to now, we have reported 77 apps in total that got caught with the malicious code. Apple immediately removed them all. However, for those you have already installed in your device, you need to manually delete it from your device to be safe from the XcodeGhost.
Here are the current updated list of the 77 affected apps. Most of them are used inside China. But just take a look if you happen to have any of them also:
The rest are in alphabetic order
1 Air 2 2 AmHexinForPad 3 Angry Birds 2 4 baba 5 BiaoQingBao 6 Cam Card 7 CamScanner 8 CamScanner Lite 9 CamScanner Pro 10 Card Safe 11 China Unicorn Mobile Office 12 CITIC Bank move card space 13 CSMBP-AppStore 14 CuteCUT 15 DataMonitor 16 Didi Chuxing 17 Eyes Wide 18 FlappyCircle 19 Flush 20 golfsense 21 Golfsensehd 22 Guitar Master 23 High German map 24 Himalayan 25 Hot stock market 26 IflyTek input 27 IHexin 28 immtdchs 29 InstaFollower 30 iOBD2 31 iVMS-4500 32 Jane book 33 jin 34 Lazy weekend 35 Lifesmart 36 Mara Mara 37 Medicine to force 38 Mercury 39 Micro Channel 40 Microblogging camera 41 MobileTicket 42 MoreLikers2 43 MSL070 44 MSL108 45 Musical.ly 46 NetEase 47 nice dev 48 Oplayer 49 OPlayer 50 Oplayer Lite 51 PDFReader 52 PDFReader Free 53 Perfect365 54 Pocket billing 55 PocketScanner 56 Quick asked the doctor 57 Quick Save 58 QYER 59 Railway 12306 60 SaveSnap 61 SegmentFault 62 snapgrab copy 63 Stocks open class 64 SuperJewelsQuest2 65 The driver drops 66 The Kitchen 67 Three new board 68 Ting 69 TinyDeal(dot)com 70 Wallpapers10000 71 Watercress reading 72 WeLoop 73 WhiteTile 74 WinZip 75 WinZip Sector 76 WinZip Standard