“We offer developers the industry’s most advanced tools to create great apps”, the statement said. She added that the company is working with developers to make sure they are not using the counterfeit software.
Advertisement
According to security researchers from Palo Alto Networks, iOS users should be wary of a new malware attack on Apple’s App Store which has been called XcodeGhost.
According to cyber security firm Palo Alto Networks Inc: [p]rior to this attack, only five malicious apps had ever been found in the App Store.
The WeChat developer stated that they had fixed the problem associated with the app, but all existing members had to download the latest version in case they had downloaded the version that contained the malware.
The apps that were made with this software could open other websites to spread the virus and create pop-up screens asking for personal information like passwords. The malware was originally discovered by Chinese iOS developers last week, and it’s been determined that it originated in a modified version of Xcode, Apple’s iOS and OS X app development tool.
The apps were infected after Chinese developers mistakenly downloaded a fake copy of Xcode dubbed “XcodeGhost“.
Even though only 40 apps have been reported to be infected, and despite Apple already removing them from the App store, it is expected that about 300 apps will still get affected.
Due to the fact the hack originated in China it is likely only Apple users in the Far East will be affected by the hack. WeChat is one of the most popular messaging service in the world and serves hundreds of millions of users.
Tencent Ltd., operator of the popular WeChat social media service, said its software was affected and the company released a new version after its security researchers found the malicious code.
Qihoo 360, from its analysis of 1.45 million iOS apps, counted about 344 infected apps created from the bogus Apple software.
Advertisement
“Since the dialogue is a prompt from the running application, the victim may trust it and input a password without suspecting foul play”, Palo Alto Networks said in its blog post.
