If you've got iOS, you may have been hacked by XcodeGhost malware, which has been found in 39 iOS apps which have been used by hundreds of millions of people. Here's what you need to know about the malware, and how to protect yourself.
The security firm Palo Alto Networks has been researching the hack. The company says that 39 iOS apps have been found to be infected with it.
The malware can use phishing attacks to steal passwords, hijack URLs and inject additional malware into an iOS device, and read and write data from a user's clipboard, which could mean stealing passwords if you've copied your password into it. It can potentially do more as well, including stealing iCloud passwords.
In other words, it's a nasty piece of work. Palo Alto Networks says this about it:
We believe XcodeGhost is a very harmful and dangerous malware that has bypassed Apple's code review and made unprecedented attacks on the iOS ecosystem. The techniques used in this attack could be adopted by criminal and espionage focused groups to gain access to iOS devices.
The malware made its way into the iOS apps because a counterfeit version of Xcode (Apple's programming tool for creating iOS apps) was purposely infected with it, then uploaded to Baidu's file sharing service, which Chinese iOS and OS X developers use. Developers who used that version of Xcode unwittingly put the malware into iOS apps they wrote.
Although many of the apps infected this way were only for the Chinese market, a number of them are also used worldwide. For example, the popular WeChat messaging app, with about 500 million users worldwide, was affected. And CamCard, a business card reader and scanner app which is popular in the U.S. and elsewhere was also affected. Only the most recent versions of the apps, which used the counterfeit Xcode, are infected.
Apple told Reuters, "We've removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
What to do? Your best bet is to uninstall any of the affected apps. Here's to go for the list. Wait to re-install until you know the latest versions are safe. And if you have any of the potentially infected apps on your device, it's a good idea to change your passwords and iCloud password.