Cunning hackers from China managed to sneak malware into what’s generally thought of as an impenetrable target, Apple’s App Store. They created a custom version of Xcode, the program developers use to build iPhone apps, which injected the malware payload right into the apps built with it, apps that Apple staff would later approve.
At least 85 legitimate iPhone apps were infected with malware this way (see this list), most of them targeting the Chinese and Asian markets, as that’s where the malicious version of Xcode was made available to developers. However, other security firms say that hundreds or even thousands of genuine iOS apps may have been targeted this way.
Apple said in a statement to Reuters on Monday that it has removed the malicious apps from the store, and that it’s working with developers to make sure they’re building their apps with the genuine Xcode app.
However, Palo Alto Networks, the company that first found the hack, says that Netherlands-based security company Fox-IT has found “thousands of malicious [apps] outside China.”
Security firm Lookout says that the Lookout Mobile Security app isn’t able to detect whether there are any infected apps installed on an iOS device. But the company has put together a list of apps that it “independently confirmed to be affected by XcodeGhost,” which is what the malware is known as. The list tells you whether an app is still infected and whether you should uninstall it immediately (see image above).
You can keep up with Lookout’s progress in checking the apps that are known to be malicious at this link.