Apple Lists Top 25 Apps Affected by XcodeGhost Malware
John Williamson / 9 years ago
Apple has revised the XcodeGhost FAQ on its Chinese website and listed the top 25 apps compromised by the malware. These include a number of high profile apps for the Chinese market including a localized version of Angry Birds 2 and WeChat. According to Apple, users must update to the latest version as a matter of urgency. The apps without an asterisk have already been fixed and safe to download. However, the asterisk apps have been removed from the App Store but should be amended and ready for download very soon. Here is a complete rundown of the compromised apps:
- DiDi Taxi
- 58 Classified – Job, Used Cars, Rent
- Gaode Map – Driving and Public Transportation
- Railroad 12306
- Flush
- China Unicom Customer Service (Official Version)*
- CarrotFantasy 2: Daily Battle*
- Miraculous Warmth
- Call Me MT 2 – Multi-server version
- Angry Birds 2 – Yifeng Li’s Favorite*
- Baidu Music – Music Player with Downloads, Ringtones, Music Videos, Radio & Karaoke
- DuoDuo Ringtone
- NetEase Music – An Essential for Radio and Song Download
- Foreign Harbor – The Hottest Platform for Oversea Shopping*
- Battle of Freedom (The MOBA mobile game)
- One Piece – Embark (Officially Authorized)*
- Let’s Cook – Receipes
- Heroes of Order & Chaos – Multiplayer Online Game*
- Dark Dawn – Under the Icing City (the first mobile game sponsored by Fan BingBing)*
- I Like Being With You*
- Himalaya FM (Audio Book Community)
- CarrotFantasy*
- Flush HD
- Encounter – Local Chatting Tool
Security experts have criticized Apple for the malicious Xcode vulnerabilities which could allow access to user information or damage an Apple device beyond repair. Unsurprisingly, Apple is downplaying this situation and said:
“We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used.”
“We’re not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords.”
This latest security flaw doesn’t appear to have impacted on user confidence regarding iOS security. Although, negative press coverage is never a good thing and Apple needs to take any threat seriously.
Thank you MacRumours for providing us with this information.