iPhone app malware attack: details you need to know

This morning Apple released a statement on a large-scale attack on their iOS App Store. Apple is in the process of cleaning up after the attack, having found a malicious program by the name of XcodeGhost earlier today. This is the first reported case of malware making its way into Apple's App Stores in any sort of large-scale manner. According to cyber security firm Palo Alto Networks, just five malicious software-containing apps had ever been found on the iOS App Store before.

Speaking with Rueters, Apple spokeswoman Christine Monaghan suggested that the company has "removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."

The trick was in the creators of these malicious bits of code's means. They pushed the developers first.

As Apple explained, hackers had convinced developers to use an already-infected version of Xcode to develop their apps. Once the apps – already in the iOS App Store – were then updated, the malware was loose.

According to Palo Alto Networks, the following apps had been infected at one point and may still be infected on your device right now:

air2

AmHexinForPad

Angry Birds 2*

baba

BiaoQingBao

CamCard

CamScanner

CamScanner Lite

CamScanner Pro

Card Safe

China Unicom Mobile Office

ChinaUnicom3.x

CITIC Bank move card space

CSMBP-AppStore

CuteCUT

DataMonitor

Didi Chuxing

Eyes Wide

FlappyCircle

Flush

Freedom Battle

golfsense

golfsensehd

guaji_gangtai en

Guitar Master

High German map

Himalayan

Hot stock market

I called MT

I called MT 2

IFlyTek input

IHexin

immtdchs

InstaFollower

installer

iOBD2

iVMS-4500

Jane book

jin

Lazy weekend

Lifesmart

Mara Mara

Marital bed

Medicine to force

Mercury

Micro Channel

Microblogging camera

MobileTicket

MoreLikers2

MSL070

MSL108

Musical.ly

NetEase

nice dev

OPlayer

OPlayer Lite

PDFReader

PDFReader Free

Perfect365

Pocket billing

PocketScanner

Poor tour

Quick asked the doctor

Quick Save

QYER

Railway 12306

SaveSnap

SegmentFault

snapgrab copy

Stocks open class

SuperJewelsQuest2

Telephone attribution assistant

The driver drops

The Kitchen

Three new board

ting

TinyDeal (dot) com

Wallpapers10000

Watercress reading

WeChat

WeLoop

WhiteTile

WinZip

WinZip Sector

WinZip Standard

*Rovio is one of several companies that suggest only the China-based release of their app was infected.

We'd rather err on the side of caution and will be un-installing the lot before we re-install after Apple's given the all-clear. Stick around our Apple hub for more information as information is made available.