A cyber security firm has discovered that Apple's App Store has been targeted in its first ever large-scale cyber attack.
In response, Apple has already begun removing iOS apps from the digital distribution platform that have been infected with the malware.
According to the security company Palo Alto Networks, hundreds of apps that were submitted to the App Store contain the malicious software XcodeGhost.
This is based on the Xcode software that Apple uses to create applications for its Mac and iOS platforms. The company explained that developers may have been tricked by the hackers to use a counterfeit version of Xcode in creating the apps.
As noted by the security firm, some of the apps found to contain XcodeGhost include WeChat, Super Jewels Quest 2, SaveSnap and Guitar Master.
After learning about Palo Alto Networks' findings, Apple immediately started removing the infected apps from the App Store. The company also coordinated with the legitimate developers to make sure that they are using the proper program in creating the apps.
"We've removed the apps from the App Store that we know have been created with this counterfeit software," Christine Monaghan, the spokesperson for Apple said in a statement according to Reuters.
"We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," she added.
However, after analyzing the malware, Palo Alto Networks discovered that the XcodeGhost can be used to take advantage of Apple users. For one, it can be programmed to display a fake prompt once an infected app is opened. This can trick users into typing in their passwords and other confidential information, according to Slash Gear.
But currently, Apple has not yet received reports of information theft from iPad and iPhone users regarding the cyber attack. The company has also not yet issued a statement regarding the proper steps users can take to protect themselves from the latest cyber attack.
But, just to be safe, it would be best to refrain from downloading apps from the App Store until Apple announces that the platform has been cleared of all infected programs.
This incident strongly shows how the hackers were able to get around Apple's tight security and review process. It has revealed how counterfeit software can be easily used to spread infected apps on the App Store.
Palo Alto Networks warned that other hackers could copy this approach and exploit a possible weakness in Apple's security in the future.
