Apple’s iOS App Store in China has been attacked for the first time by malware, multiple sources report. Internet security company Palo Alto Networks says that approximately 39 applications have been compromised.
According to the Wall Street Journal, hackers planted an outwardly normal version of an Apple software called Xcode, used to develop iOS applications, on a Chinese cloud service called Baidu Pan. Developers began using it because it was faster to download than the Xcode software from Apple’s U.S. servers, the CBC reports, citing Palo Alto Networks director of threat intelligence Ryan Olson. However, the Chinese version was fraudulent and “Trojanized.”
Olson told CBC that the breach was “a pretty big deal” as it showed that the App Store could be compromised.
XcodeGhost, as the fraudulent code was named by Alibaba researchers, then gave hackers access to users’ devices and enabled phishing for passwords and login information. In its most recent analysis, Palo Alto Networks deemed XcodeGhost dangerous, saying it could set a precedent for other espionage and criminal groups.
WeChat (China’s biggest messaging app), Didi Kuaidi (a ride-hailing app like Uber), and a music-streaming service called NetEase Inc., were among more popular apps affected, according to the Journal. All of the above companies released statements saying that customer information hadn’t been compromised, the Journal says.
Apple spokeswoman Christine Monaghan told the CBC that Apple would work with developers from now on to ensure that they are using the genuine version of the app development software.
More Must-Read Stories From TIME
- How an Online Pharmacy Sold Millions Worth Of Dubious COVID-19 Drugs — While Patients Paid the Price
- Why Literally Millions of Americans Are Quitting Their Jobs
- Meet the Women Participating in the Study That Could Change Future of Breast Cancer
- Inside the Battle for the Hearts and Minds of Tomorrow's Business Leaders
- An Innovative Washington Law Aims to Get Foreign-Trained Doctors Back in Hospitals
- Why the Ex-Husband of a Missing Chinese Billionaire Is Risking All to Tell Their Story
- Timothée Chalamet Wants You to Wear Your Heart on Your Sleeve