It has emerged that a piece of Chinese malware was able to bypass Apple’s notoriously tough App Store safeguards.
TechSpot reports that the creators of the malicious XcodeGhost code embedded it in a fake version of Apple’s Xcode developer software. This was then posted online where a number of developers accidentally downloaded it, having mistaken it for the genuine version.
Any apps that were subsequently uploaded to Apple’s portal played host to the malicious code.
It is estimated that some 300 aps were infected in total, including Angry Birds 2, Chinese messaging app WeChat and card scanner CamCard.
XcodeGhost is able to bring up fake alert prompts and read or write data to a user’s clipboard.
Apple says that all of the offending apps have now been removed from its store. One of Apple’s ongoing advantages over Android is the relative security offered by the apps on its App Store.