Apple Lists Top 25 Apps Compromised by XcodeGhost Malware
Apple has updated its XcodeGhost FAQ on its Chinese website with a list of the top 25 most popular App Store apps that were compromised by the malware. The list includes some notable apps such as WeChat, Heroes of Order & Chaos and a localized version of Angry Birds 2.
Apple advises that users should update the affected apps to fix the issue, noting that if a listed app is available on the App Store right now, it has already been updated. Apps with an asterisk are currently not available on the App Store, but Apple says they should be updated very soon.
WeChat
DiDi Taxi
58 Classified - Job, Used Cars, Rent
Gaode Map - Driving and Public Transportation
Railroad 12306
Flush
China Unicom Customer Service (Official Version)*
CarrotFantasy 2: Daily Battle*
Miraculous Warmth
Call Me MT 2 - Multi-server version
Angry Birds 2 - Yifeng Li’s Favorite*
Baidu Music - Music Player with Downloads, Ringtones, Music Videos, Radio & Karaoke
DuoDuo Ringtone
NetEase Music - An Essential for Radio and Song Download
Foreign Harbor - The Hottest Platform for Oversea Shopping*
Battle of Freedom (The MOBA mobile game)
One Piece - Embark (Officially Authorized)*
Let’s Cook - Receipes
Heroes of Order & Chaos - Multiplayer Online Game*
Dark Dawn - Under the Icing City (the first mobile game sponsored by Fan BingBing)*
I Like Being With You*
Himalaya FM (Audio Book Community)
CarrotFantasy*
Flush HD
Encounter - Local Chatting Tool
Apple has been working to remove all apps compromised by XcodeGhost from the App Store, but some affected apps may remain available for download. Apple has also outlined steps for developers to validate Xcode and said it would alert users to let them know if they have downloaded apps that could have been compromised.
XcodeGhost is a new iOS malware that arose from malicious versions of Xcode, Apple's official tool for developing iOS and OS X apps, downloaded by some developers in China. Chinese developers then unknowingly compiled iOS apps using the modified Xcode IDE and distributed those infected apps through the App Store.
MacRumors posted a detailed XcodeGhost FAQ over the weekend that explains more about the malware, who is affected and how to keep yourself protected, although Apple has since downplayed the severity of XcodeGhost compared to what some security firms initially reported.
We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used.
We’re not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords.
Chinese developers initially disclosed XcodeGhost on microblogging service Sina Weibo last Wednesday.
Popular Stories
Apple has unveiled a whopping nine new products so far this March, including an iPhone 17e, iPad Air models with the M4 chip, MacBook Air models with the M5 chip, MacBook Pro models with M5 Pro and M5 Max chips, the all-new MacBook Neo, an updated Studio Display, a higher-end Studio Display XDR, AirPods Max 2, and now the Nike Powerbeats Pro 2.
iPhone 17e features the same overall design as...
Apple has unveiled nine new products this month, but the wait continues for the next-generation Apple TV 4K and HomePod mini models.
In his Power On newsletter today, Bloomberg's Mark Gurman said new versions of the Apple TV and HomePod mini have been "ready" since last year, but he reiterated that Apple has held off on releasing them until the more personalized version of Siri and other...
iOS 26.4 isn't the major update with new Siri features that we hoped for, but there are some useful quality of life improvements, and a little bit of fun with an AI playlist generator and new emoji characters.
Playlist Playground - Apple Music has a Playlist Playground option that lets you generate playlists from text-based descriptions. You can include moods, feelings, activities, or...
