Apple lists top 25 apps infected by XcodeGhost malware

Apple today refreshed its official XcodeGhost FAQ webpage, listing the top 25 iPhone and iPad apps on the App Store that contain the widely reported though mostly harmless XcodeGhost malware.

In addition to WeChat, one of the top messaging apps in the world, Rovio’s Angry Birds 2 and China Unicom’s Customer Service app, most of the listed apps are distributed on the Chinese App Store only.

Apple made this announcement on its regional Chinese website since the malware was only found in apps uploaded to China’s App Store. It also states in the announcement that it has not identified any case of the malware stealing precious user information. Additionally, it notes that it has stopped accepting submissions of applications infected with the malware.

The full list of the top 25 apps affected by XcodeGhost is as follows:
  • WeChat
  • DiDi Taxi
  • 58 Classified – Job, Used Cars, Rent
  • Gaode Map – Driving and Public Transportation
  • Railroad 12306
  • Flush
  • China Unicom Customer Service (Official Version)
  • CarrotFantasy 2: Daily Battle
  • Miraculous Warmth
  • Call Me MT 2 – Multi-server version
  • Angry Bird 2 – Yifeng Li’s Favorite
  • Baidu Music – A Music Player that has Downloads, Ringtones, Music Videos, Radio, and Karaoke
  • DuoDuo Ringtone
  • NetEase Music – An Essential for Radio and Song Download
  • Foreign Harbor – The Hottest Platform for Oversea Shopping
  • Battle of Freedom (The MOBA mobile game)
  • One Piece – Embark (Officially Authorized)
  • Let’s Cook – Recipes
  • Heroes of Order & Chaos – Multiplayer Online Game
  • Dark Dawn – Under the Icing City (the first mobile game sponsored by Fan BingBing)
  • I Like Being With You
  • Himalaya FM (Audio Book Community)
  • CarrotFantasy
  • Flush HD
  • Encounter – Local Chatting Tool
“After the top 25 impacted apps, the number of impacted users drops significantly,” says Apple. Of course, these are just the top 25 apps that contain the malware as there are undoubtedly many more lesser known apps infected by XcodeGhost.

Estimates by independent researchers like FireEye Labs and SourceDNA range from 1,000 to more than 4,000 App Store apps containing the malware.

“As of September 21, 2015, we found 28 percent of apps that contain XcodeGhost are still live,” SourceDNA writes. “We also found that 40 percent of apps that had it are still unavailable, while 32 percent have been fixed and re-released.”


blog comments powered by Disqus
Octofinder Blog Catalog