BOSTON: Apple has confirmed that is cleaning up its iOS App Store to remove malicious program dubbed XcodeGhost found embedded in hundreds of legitimate apps on iPhones and iPads.
This is the first ever the first large-scale attack on Apple. On the good side, the malware has limited functionality and no examples of data theft or other harm as a result of the attack have been uncovered so far.
Meanwhile, Apple said that the hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple's software for creating iOS and Mac apps that is known as Xcode, Apple said.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," media reports quoted Apple spokeswoman Christine Monaghan. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
She however, did not say what steps iPhone and iPad users could take to determine whether their devices were infected.
It is the first reported case of large numbers of malicious software programs making their way past Apple's stringent app review process. Prior to this attack, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks.
Ryan Olson, Director, Threat Intelligence, Palo Alto Networks, said that developers are now a huge target. Also, it was a pretty big deal because it showed that the App Store could be compromised if hackers infected machines of software developers writing legitimate apps. Other attackers may copy that approach, which is hard to defend.
The tainted version of Xcode was downloaded from a server in China that developers may have used because it allowed for faster downloads than using Apple's US servers, Olson said.