Apple's App Store faces first major malware attack

WeChat and the Chinese version of Angry Birds 2 are among the infected apps.

The mostly "impervious" App Store has recently faced its first large-scale malware attack. Apple announced on Sunday that it was surfacing and removing dozens of infected iPhone and iPad apps.


Hackers tricked developers into using a phony version of Xcode, Apple's own iOS and OS X creation software. Developers mistakenly downloaded malware called XcodeGhost from a Chinese file-sharing service that allowed for faster downloads than Apple's often slow servers. How these apps passed through Apple's security checks is still unknown.

WeChat, CamScanner, and the Chinese version of Angry Birds 2 are among the major apps built on XcodeGhost that may have stolen sensitive user info, including passwords. More than 300 apps are believed to be infected -- check the full list of identified apps here. If you use any of these infected apps, experts recommend that you uninstall them and reinstall the latest versions immediately.

More resources

Security and Antivirus Center

9 malware defenders

What is malware?

About Joshua Rotter

Joshua Rotter is a copy editor for and covers iOS.