By now you should have heard that malware has been detected in apps available from Apple’s App Store. (Let’s take a short break to let the rival Android users stop chuckling) Should you be panicked? Should you contact your IT department and have them wipe all of your company’s iPhones? Should you rush home and trade your teenager’s iPhone for an old Samsung flip phone? No, you shouldn’t – the Appleocalypse is not upon us. (except maybe for the last one – have you seen the trouble teenagers can get into on smart phones? Sheesh!)
Because this is somewhat of a rare event, the Internet has been filled with opinion pieces and editorials concerning iOS malware but the facts, so far, have been hard to nail down. The truth of the matter is that most US, LA, and European users should have little to worry about but that Asia-Pacific iPhone users could be in a bit of trouble.
What actually happened is that some Chinese programmers downloaded a corrupted version of Xcode, which is Apple’s official iOS and OS X app creation tool. Apps were then created with the corrupted tool (which quietly embedded exploits) and were subsequently uploaded to Apple’s App Store. About 50 corrupted apps were eventually identified by security firm Palo Alto Networks, and while these apps have now been removed from the app store, they weren’t removed before being downloaded by several million people. Most of the apps are Asia-Pacific-centric, (like WeChat) but a few are in heavy rotation in the West. (CamCard, a popular business card reader, being the most prominent).
Remediation is simple: If you do have any of the listed apps installed, report this to your IT department so they’re aware of a potential issue. IT Staff and individuals should be checking corporate and personal iPhones for the apps. Change iCloud and other passwords stored on your phone as a precautionary measure, and report any suspicious events to your IT department.
You can find a list of the corrupted apps here: (courtesy of macrumors.com)
Infected iOS apps (as released by Palo Alto Networks)
滴滴打车 18.104.22.168 – 3.9.7
我叫MT 2 1.10.5
A more thorough list, according to fox-it.com: