Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | How to Cut the Cable Cord | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Top News Stories

author photo

Apple App Store Suffers First Major Malware Infestation

by on September 21, 2015
in Phones and Mobile, News, Mobile Apps, Blog, Privacy :: 3 comments

Malware concept imageImportant news for owners of Apple iPhone, iPad and iPod touch devices: Over the weekend, Apple announced it was cleaning up its mobile App Store following a large-scale attack by hackers, news service Reuters is reporting. The move follows last week’s discovery that 39 legitimate iOS apps were infected with XcodeGhost, a malware program that gives hackers access to some of your smartphone data, including your device's name and type and network information.

The malware itself seems to have originated in China. XcodeGhost wound up being integrated into otherwise legitimate mobile apps such as WeChat after a number of Chinese developers began using a counterfeit version of Apple’s app creation software. That software then injected malware into a number of Chinese apps that went undetected by Apple’s routine security checks. It was only last week when security experts – and ultimately Apple – discovered the problem.

“We've removed the apps from the App Store that we know have been created with this counterfeit software," an Apple spokesperson explained. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”

While this particular attack seems to be focused primarily on those in China, the danger of XcodeGhost is widespread and concerning enough for us at Techlicious to recommend a few simple steps to keeping your own Apple smartphone safe.

1. Update any app that's been confirmed to be affected by XcodeGhost and if an update is not available uninstall the app. To check whether an affected app has been updated, go the the Apple App Store on your device, tap the Updates button and look for available updates. If an update is available install it. Lookout has a list of affected apps that the company has verified as being infected as well a those found by other security researchers. Affected apps include LifeSmart, OPlayerHD Lite, WeChat, WinZip, 10000+ Wallpapers, among others (See the full list of English titles below). 

2. Change your Apple ID password. If you have an affected app on your phone, change your Apple ID password. And if you use your Apple ID password on any other accounts, change those account passwords. 

3. Set your apps to update automatically. To ensure you always have the latest, patched version of  your apps, set them to auto update. Enter Settings > App and iTunes Stores and make sure Updates is toggled on under “Automatic Downloads.” If you have a small data plan, you should also take a moment to toggle “Use Cellular Data” to off. That will instruct your phone to update itself only when it’s connected to Wi-Fi, protecting your cell bill from surprise overage charges.

Want to do even more to protect your smartphone now that mobile malware attacks are on the rise? Check out these 9 steps to making your smartphone more secure.

List of Known Affected Apps (English) via Lookout

10000+ Wallpapers
air2
AmHexinForPad
baba
BiaoQingBao
CamCard
CamCard Business
CamScanner
CamScanner Free
CamScanner Lite
CamScanner Pro
CamScanner+
ChinaUnicom3.x
CSMBP-AppStore
CuteCUT
DataMonitor
FlappyCircle
golfsense
golfsensehd
guaji_gangtai en
Guitar Master
IHexin
immtdchs
InstaFollower
installer
iOBD2
iVMS-4500
jin
Lifesmart
Mercury
MobileTicket
MoreLikers2
MSL070
MSL108
Musical.ly
nice dev
OPlayer
OPlayer Lite
PDFReader
PDFReader Free
Perfect365
PocketScanner
Quick Save
QYER
SaveSnap
SegmentFault
snapgrab copy
SuperJewelsQuest2
ting
TinyDeal.com
WeChat
WeLoop
WhiteTile
WinZip
WinZip Standard

Updated on 9/22/2015

[Malware image via Shutterstock]



Discussion loading

gravatar

apple

From Now Gadgets on September 22, 2015 :: 9:54 am

apple has become more powerful security os now a days..

Reply

avatar

PDF Reader is not the official app from Adobe

From Josh Kirschner on September 22, 2015 :: 5:50 pm

Some readers have written in asking about whether the PDF Reader apps listed above are the official apps form Adobe. They are not. The official Adobe app is called Adobe Acrobat Reader and is not affected by this malware issue.

Reply

gravatar

Security is a serious problem

From Annette Riley on April 27, 2016 :: 11:47 pm

Most of the users think Apple and iOS are very secure and unbreakable. But according to this story and the truth that a lot of attackers out there are trying to break into Apple and its system, we are not safe anymore.

Apple should do more to secure their devices, software as well as systems.

Reply

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose