iOS Apps Infected by XcodeGhost App Store Malware – List

Rafia Shaikh
Posted Sep 22, 2015
41Shares
Share Tweet Submit

XcodeGhost is being termed as the biggest security breach that has hit iOS devices, affecting over 500 million users worldwide. While the earlier analysis suggested China being the main target, more tests carried out since the news broke out reveal a much larger affected demographic, including Europe.

Palo Alto Networks security research firm was the first to discover XcodeGhost which is a malware found in Xcode, Apple’s official tool for developers to create iOS and OS X apps. As we reported last week, the malware was suggested to have impacted 39 apps, including some names of the popular and legitimate apps. Over the weekend, it was revealed that over 344 apps have been detected carrying this malware so far. This list might grow with more names, but as Apple has already been trying to remove any instances of apps that are infected from the App Store, we might not be seeing at least the most popular titles joining this list.

Put together by the same folks at Palo Alto Networks, here are some of the XcodeGhost affected apps that have been identified so far.

XcodeGhost infected apps:

air2
AmHexinForPad
Angry Birds 2 (Chinese version only, according to Rovio)
baba
BiaoQingBao
CamCard
CamScanner
CamScanner Lite
CamScanner Pro
Card Safe
China Unicom Mobile Office
ChinaUnicom3.x
CITIC Bank move card space
CSMBP-AppStore
CuteCUT
DataMonitor
Didi Chuxing
Eyes Wide
FlappyCircle
Flush
Freedom Battle
golfsense
golfsensehd
guaji_gangtai en
Guitar Master
High German map
Himalayan
Hot stock market
I called MT
I called MT 2
IFlyTek input
IHexin
immtdchs
InstaFollower
installer
iOBD2
iVMS-4500
Jane book
jin
Lazy weekend
Lifesmart
Mara Mara
Marital bed
Medicine to force
Mercury
Micro Channel
Microblogging camera
MobileTicket
MoreLikers2
MSL070
MSL108
Musical.ly
NetEase
nice dev
OPlayer
OPlayer Lite
PDFReader
PDFReader Free
Perfect365
Pocket billing
PocketScanner
Poor tour
Quick asked the doctor
Quick Save
QYER
Railway 12306
SaveSnap
SegmentFault
snapgrab copy
Stocks open class
SuperJewelsQuest2
Telephone attribution assistant
The driver drops
The Kitchen
Three new board
ting
TinyDeal.com
Wallpapers10000
Watercress reading
WeChat
WeLoop
WhiteTile
WinZip
WinZip Sector
WinZip Standard

There may be hundreds of other apps that are affected and yet to be detected. As reported previously Apple has started to remove these apps, however, if you want to confirm if your device has been infected, Pangu has a solution for you on its website that will detect your iOS device for any XcodeGhost hosting apps. While we wouldn’t advise you to try out these third-party solutions, it is better to uninstall the apps that are reported to be infected and get them back once Apple uploads their clean copies in the App Store.

Earlier in the year, The Intercept reported Central Intelligence Agency (CIA) indulging in techniques like modifying Xcode to break into Apple’s devices. Citing documents provided by NSA whistleblower Edward Snowden, the report claimed that CIA “had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool.” As privacy activists have long argued, such tactics by security agencies often open up security loopholes to other groups as well, putting security and privacy of larger public at risk.

Complete List

Share Tweet Submit