XcodeGhost malware doing harm to 77 iOS apps, including WeChat

We don’t often hear about Apple being involved in app hacks, malware or viruses. However, last weekend witnessed the worst security breach in Apple’s history. What happened, exactly? Some (or many) Chinese apps on the App Store have been attacked by a dangerous program, known as “XcodeGhost”, hidden in their software. The malicious software was first found on Baidu and is said to have been accidentally embedded by Chinese developers in their apps. Unfortunately, “the ghost” made its way to the App Store and started to attack other apps there. XcodeGhost is reported to be doing harm to hundreds of millions of Apple users everywhere.

XcodeGhost malware doing harm to hundreds of thousands of iPhone users worldwide

So what does the code do to your iPhone? Once it reaches your system, XcodeGhost collects information stored on the device and automatically sends it to the servers. The information it gets from iPhone users is listed below:

Current time
Current infected app’s name
The app’s bundle identifier
Current device’s name and type
Current system’s language and country
Current device’s UUID (Universally unique identifier)
Network type

Are you wondering why this is so dangerous and what the code can do with that information? Well, to make it as simple as possible: that user information is the key that opens any door to your privacy. With those details, the code can send out fake alerts and fool users into revealing further personal details. iPhone users may be tricked into entering their passwords to make changes to an app. One of the most obvious kinds of damage XcodeGhost can do is on WeChat, where all the information it has access to can easily get swapped around.

WeChat app

However, the developers of WeChat intervened in time. They have already updated the affected version (6.2.5) to a newer one (6.2.6), which is totally safe from infection. We highly recommend that you immediately delete your installed WeChat and download the newer version if you haven’t done so yet.

Of course, you can research other apps further to find out whether their developers have applied the same fix. Before deleting any app, don’t forget to back up your contact list and important information.

Up to now, we have reported 77 apps in total that were caught with the malicious code. Apple immediately removed them all. However, any that you have already installed need to be manually deleted from your device to be safe from XcodeGhost.

Here is the current updated list of the 77 affected apps. Most of them are used inside China, but take a look in case you happen to have any of them:

(Source)

WeChat

The rest are in alphabetical order

1 Air 2
2 AmHexinForPad
3 Angry Birds 2
4 baba
5 BiaoQingBao
6 Cam Card
7 CamScanner
8 CamScanner Lite
9 CamScanner Pro
10 Card Safe
11 China Unicorn Mobile Office
12 CITIC Bank move card space
13 CSMBP-AppStore
14 CuteCUT
15 DataMonitor
16 Didi Chuxing
17 Eyes Wide
18 FlappyCircle
19 Flush
20 golfsense
21 Golfsensehd
22 Guitar Master
23 High German map
24 Himalayan
25 Hot stock market
26 IflyTek input
27 IHexin
28 immtdchs
29 InstaFollower
30 iOBD2
31 iVMS-4500
32 Jane book
33 jin
34 Lazy weekend
35 Lifesmart
36 Mara Mara
37 Medicine to force
38 Mercury
39 Micro Channel
40 Microblogging camera
41 MobileTicket
42 MoreLikers2
43 MSL070
44 MSL108
45 Musical.ly
46 NetEase
47 nice dev
48 Oplayer
49 OPlayer
50 Oplayer Lite
51 PDFReader
52 PDFReader Free
53 Perfect365
54 Pocket billing
55 PocketScanner
56 Quick asked the doctor
57 Quick Save
58 QYER
59 Railway 12306
60 SaveSnap
61 SegmentFault
62 snapgrab copy
63 Stocks open class
64 SuperJewelsQuest2
65 The driver drops
66 The Kitchen
67 Three new board
68 Ting
69 TinyDeal(dot)com
70 Wallpapers10000
71 Watercress reading
72 WeLoop
73 WhiteTile
74 WinZip
75 WinZip Sector
76 WinZip Standard
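
The check described above (delete the listed apps, replace WeChat 6.2.5 with 6.2.6) applied to a fleet of devices, as an added example that is not part of the original article. It assumes an app inventory exported as CSV with hypothetical columns device, app and version, embeds only an excerpt of the list, and treats any WeChat build older than 6.2.6 as needing replacement.

```python
import csv
import io

# Excerpt of the affected-app list from the article; extend with the remaining names.
AFFECTED_NAMES = ["Angry Birds 2", "CamScanner", "CamScanner Lite",
                  "Didi Chuxing", "OPlayer", "Railway 12306", "WinZip"]
# Per the article: WeChat 6.2.5 is affected and 6.2.6 is the fixed release.
FIXED_VERSIONS = {"wechat": (6, 2, 6)}

def norm(name):
    """Case- and whitespace-insensitive key, so 'oplayer ' matches 'OPlayer'."""
    return " ".join(name.split()).casefold()

def parse_version(text):
    """'6.2.5' -> (6, 2, 5); missing or non-numeric parts become 0 (flagged, not skipped)."""
    return tuple(int(p) if p.isdigit() else 0 for p in text.strip().split("."))

AFFECTED = {norm(n) for n in AFFECTED_NAMES}

def triage(inventory_csv):
    """Return (device, app, version, action) for every install that needs attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        key = norm(row["app"])
        fixed = FIXED_VERSIONS.get(key)
        if fixed is not None:
            # Assumption: anything older than the fixed release gets replaced.
            if parse_version(row["version"]) >= fixed:
                continue
            action = "delete, then install " + ".".join(map(str, fixed))
        elif key in AFFECTED:
            action = "delete"
        else:
            continue
        findings.append((row["device"], row["app"].strip(), row["version"], action))
    return findings

# Constructed sample inventory (device names and non-WeChat versions are made up).
SAMPLE = """device,app,version
iphone-01,WeChat,6.2.5
iphone-01,CamScanner ,3.8.1
iphone-02,WeChat,6.2.6
iphone-02,oplayer,2.1
iphone-03,Notes,1.0
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep=" | ")
```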