The malware is known as XcodeGhost. It worked its way into several apps by convincing developers to use a counterfeit version of Xcode, which is the software used to create iOS and Mac apps.
Apple said that they have removed the apps from the App Store that they know have been created with this counterfeit software. They are working with the developers to make sure they are using the proper version of Xcode to rebuild their apps. The apps that were affected were Chinese messaging app WeChat.
According to the security company Palo Alto Networks, XcodeGhost was able to prompt fake phishing dialogs, open URLs and read and write clipboard data. There is no evidence that any data theft has occurred yet or other harm as a result of the attack.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now