Apple Names 25 Apps Most Dangerous With Xcode Malware

Apple has compiled a top 25 of the most popular apps that have used the rogue Xcode software offered through Baidu’s download servers. Apple advises anyone using the apps to check if the latest version is being used.

The latest versions are generally free of malware, Apple writes on the Chinese version of its website. The same site lists the 25 most used apps, including WeChat, DiDi Taxi, Gaode Maps, Baidu Music, and Angry Birds 2, which is not a Rovio version. Other apps are used so little that the impact is relatively small, Apple says in its news item.

All compromised apps known to have been compiled with XcodeGhost have been removed from the App Store by Apple. Apps created with XcodeGhost are no longer allowed in the store. Despite that, the consensus among security companies is that the number of infected apps is in the ‘four digits’. Although Apple has removed all apps that are known to be infected, it is still not clear whether this actually concerns all apps.

However, the impact of XCodeGhost is not as great as was first believed. Where there was first talk that malicious apps could, for example, present users with login screens in order to phish for passwords, this appears not to have been possible. However, malicious apps could send users to certain URLs.