Apple will Notify Users If They Have Installed XcodeGhost Infected Apps
XcodeGhost malware is being identified as the biggest security breach iOS has ever suffered. Discovered last week, Apple has been working not only to remove the compromised apps from iOS and OS X stores, but also to help developers and users identify if they have already been affected by the malware.
Apple to alert XcodeGhost affected users:
As shared with you earlier today, Apple has outlined steps to help developers validate the installation of Xcode installed on their Mac. Cupertino tech giant also appears to be helping users to assist them identify if they have any infected app instances installed on their iOS devices. The list of XcodeGhost infected apps is quite long, carrying some widely popular apps like Angry Birds 2, WeChat, CamCard, among several others. Apple started removing all the infected instances from the App Store earlier this week, however, it was reported that there might be even more apps affected by the malware that aren't yet discovered.
Considering the scale of this malware and its capabilities of snooping into a user's device and phishing user data, Apple is taking some major steps to make sure this type of attack doesn't ever happen again, as Apple's Phil Schiller explained. Apple has now shared in a XcodeGhost question and answer page in its Chinese website that it will help protect the end-user by letting them know if they have downloaded any app(s) that have been created using the modified Xcode.
A list of the top 25 most popular apps impacted will be listed soon so users can easily verify if they have downloaded the latest versions of these apps. After the top 25 impacted apps, the number of impacted users drops significantly.
Customers will be receiving more information letting them know if they’ve downloaded an app / apps that could have been compromised. Once a developer updates their app, that will fix the issue on the user’s device once they apply that update.
Apple and security firms claim that there haven't been any cases where XcodeGhost has been used for malicious activities. Apple explains it has "no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used."
However, due to the critical nature of this malware, it is strongly advised to remove any infected apps to be secure in the future too from having your personal data compromised. Apple is asking users to reset their iCloud and account passwords if they found any of the infected apps installed on their iOS devices.