YIBADA

Malware Finds Its Way into the App Store, Infects Several Chinese Apps

| Sep 22, 2015 09:24 AM EDT

WeChat, which is owned by Tencent Holdings Ltd., said that the business messaging service is specifically being designed for work-related communication.

Malicious software was found to have infected some of the most prominent Chinese names in Apple Inc.'s App Store in a security breach that is being called the first of its kind.

The breach, which is said to have exposed the vulnerabilities of the App Store, infected applications by luring software developers into using a compromised version of Apple's developer tool kit, according to Alibaba Mobile Security, the mobile antivirus division of Alibaba Group Holding Ltd.

Some of the most popular apps compromised include WeChat, Didi Kuaidi and a Spotify-like music service from NetEase Inc.

According to American cybersecurity firm Palo Alto Networks Inc., the attack affected more than three dozen apps.

The infected apps could potentially transmit information about the user's device, prompt fake alerts, steal passwords and read and write information on the user's clipboard.

The hack exploited the impatience of Chinese developers by uploading an infected version of Xcode, the tool kit that developers must use to create apps on Apple's App Store. Xcode normally takes a long time to download in China, so the infected version promised faster downloads.

The infected version of Xcode was hosted on Baidu Pan, a cloud service by Baidu Inc. According to Kaiser Kuo, spokesperson for Baidu, the company removed it shortly after being made aware of its existence.

Tencent, Didi Kuaidi and NetEase all claimed that, while their applications had been compromised, no sensitive customer information had been lost.

"At present, we haven't discovered any loss of user information or assets as a result of this [breach], though the WeChat team will continue to monitor and do tests," Tencent said in a Weibo post on Friday.

Tencent also said that a new, clean version of the WeChat app had been uploaded to the app store.

Malware does not normally spread on Apple's App Store, which is known for subjecting apps to strict reviews. On Thursday, Palo Alto Networks said in its blog that the attack was the first of its type directed at Apple's iOS mobile operating system.

Other apps found to have been infected include the app of state-run mobile carrier China Unicom and 12306, the train-booking website of the country.

Related News

Most Popular

EDITOR'S PICK