“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple spokesperson Christine Monaghan told Reuters. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
XCODEGHOST COULD BE “VERY HARMFUL AND DANGEROUS
Among the more notable apps affected were dominant Chinese messaging app WeChat, popular business card scanner CamCard, and Chinese Uber rival Didi Chuxing. WeChat, which has over 600 million monthly active users, said in a blog post that the exploit only affected a prior version of the app released on September 10th; the present version, released two days later, is clean.
Security firm Palo Alto Networks investigated XcodeGhost and concluded that it was able to prompt fake phishing dialogs, open URLs, and read and write clipboard data, leading the company to call it a “very harmful and dangerous” piece of malware that has affected at least 39 apps.
Content Via: theverge