Boston: Apple Inc is cleaning up its iOS App Store to remove malicious iPhone and iPad programs recognized in the first major malware attack on the popular mobile software outlet, on Sunday.
The company revealed the news after several cyber security firms reported that a malicious program dubbed XcodeGhost has been found, which was inserted in hundreds of genuine apps.
It is the first large-scale reported case of malicious software programs. According to cyber security firm Palo Alto Networks Inc, “Earlier, a total of just five malicious apps had ever been found in the App Store”.
The hackers inserted the malicious code in the apps by making the developers believe to make use of legitimate software so that the tainted, counterfeit version of Apple's software for creating iOS and Mac apps could be used that is known as Xcode, Apple said.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
Ryan Olson, Palo Alto Networks Director of Threat Intelligence said, “The malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack”.
The infected version of the Xcode was downloaded from a server in China, which developers may have used because it allowed for faster downloads than using Apple's US servers, Olson added.
Chinese security firm Qihoo360 Technology Co said on its blog that it had uncovered 344 apps tainted with XcodeGhost.
According to researchers, infected apps included Tencent Holdings Ltd's popular mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase Inc.
WeChat later clarified that the malware affecting iOS users was only found in version 6.2.5 which has since been repaired. The company said that users who have WeChat version 6.2.6 or greater will not be affected.
The company added that has been no theft and leakage of users' information or money.