Apple Inc said on Sunday U.S. time it is cleaning up its iOS App Store to remove malicious iPhone and iPad programs identified in the first large-scale attack on the popular mobile software outlet.
The company disclosed the effort after several companies that specialize in Internet security reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps.
Tang Wei, a security expert with a domestic antivirus provider Rising, said so far all the affected Apps were detected in the Chinese market.
"The fact that the malware affected developer tools may have something to do with the habit of the Chinese developer community of downloading these tools from a third-party platform, rather than Apple's official platform," Tang told the Global Times Monday.
Tang said the incident will force Apple to further improve the safety of its ecosystem and tighten its stringent app review system.
It was the first reported case of large numbers of malicious software programs making their way past Apple's stringent app review process. Prior to this attack, just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks Inc.
The hackers embedded the malicious code in these apps by convincing developers of legitimate software to use a tainted, counterfeit version of Apple's software for creating iOS and Mac apps, which is known as Xcode, Apple said.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an e-mail. "We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps."
She did not say what steps iPhone and iPad users could take to determine whether their devices were infected.
Tang urged users to upgrade their apps to avoid being hacked.
"For ordinary users, if their privacy and payment information is compromised by using popular software such as taxi-hailing apps, there could be a big problem," Li Donglou, an Internet industry observer, told the Global Times on Monday.
Experts said that the incident could have a potentially negative effect on the iconic company.
"With this incident, customers were reminded that even an operating system provided by Apple Inc, traditionally seen as a safe haven, is now exposed to hacking risks," Li said.
Palo Alto Networks Director of Threat Intelligence Ryan Olson said the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.
Still, he said it was "a pretty big deal" because it showed that the App Store could be compromised if hackers infected the machines of software developers writing legitimate apps. Other attackers may copy that approach, which is hard to defend against, he said. "Developers are now a huge target," he said.
Researchers said infected apps included Tencent Holdings' popular mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase Inc.
The tainted version of Xcode was downloaded from a server in China that developers may have used because it allowed for faster downloads than using Apple's U.S. servers, Olson said.