Malware infection on Apple's App Store: China's Tencent

Published September 21, 2015
"A security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5," Tencent said in a statement posted on the Wechat blog, adding the flaw had been repaired. — REUTERS/File
"A security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5," Tencent said in a statement posted on the Wechat blog, adding the flaw had been repaired. — REUTERS/File
Apple reportedly said it had addressed the security breach and had teamed up with developers to help fix affected apps. — REUTERS/File
Apple reportedly said it had addressed the security breach and had teamed up with developers to help fix affected apps. — REUTERS/File

BEIJING: Hackers have infected one of China's most popular social media applications on Apple's App Store, Chinese Internet firm Tencent said, after dozens of programmes were reportedly affected by a rare breach in the United States (US) giant's security.

WeChat, an instant messaging (IM) application developed by Tencent, has hundreds of millions of users in China and around the world.

"A security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5," Tencent said in a statement posted on the Wechat blog, adding the flaw had been repaired.

"There has been no theft and leakage of users' information or money," the statement issued at the weekend said.

iOS is the operating system used by Apple's hugely popular iPhone and iPad devices.

Citing US-based cyber security firm Palo Alto Networks, the Wall Street Journal said that the attack affected more than three dozen apps.

Apps infected by the malware — code-named XcodeGhost — could transmit information about a user's device, mount phishing attacks to try to steal passwords, and access clipboard information, it said.

Other firms said to be affected included Chinese ride-hailing app Didi Kuaidi, Internet portal NetEase, and mobile phone operator China Unicom, among several more.

Apple reportedly said it had addressed the security breach and had teamed up with developers to help fix affected apps.

"To protect our customers, we've removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," it said, according to the Journal.

Anti-censorship group Greatfire.org, which tracks Chinese Internet restrictions and events, said the attack appeared to originate in compromised versions of Xcode, Apple's developer software, which were then used by Chinese programmers.

"This is the most widespread and significant spread of malware in the history of the Apple app store, anywhere in the world," it said.

"Apple notoriously manually reviews all app submissions and, in comparison to Android stores, has been relatively malware-free," it added.

Apple did not immediately provide a comment when contacted by AFP.

Read: Apple presses deeper with new iPhones and more

Opinion

Editorial

Disregarding CCI
Updated 04 Nov, 2024

Disregarding CCI

The failure to regularly convene CCI meetings means that the process of democratic decision-making is falling apart.
Defeating TB
04 Nov, 2024

Defeating TB

CONSIDERING the fact that Pakistan has the fifth highest burden of tuberculosis in the world as per the World Health...
Ceasefire charade
Updated 04 Nov, 2024

Ceasefire charade

The US talks of peace, while simultaneously arming and funding their Israeli allies, are doomed to fail, and are little more than a charade.
Concerning measures
Updated 03 Nov, 2024

Concerning measures

The govt must seek political input and consensus on the changes it is seeking to make and be open about its intentions.
Short-lived relief?
03 Nov, 2024

Short-lived relief?

POLICYMAKERS must be jumping with joy. At the close of the first quarter of FY25, the budget posted a consolidated...
Brisk spread
03 Nov, 2024

Brisk spread

THE surge in polio cases has reached distressing levels with a tally of 45 last reported, after two cases emerged in...