Some popular Chinese applications in Apple Inc.’s App Store were found to be infected with malicious software, the Wall Street Journal reported, citing multiple internet security researchers.
The applications were infected after software developers were lured into using an unauthorized and compromised version of Apple’s developer tool kit, according to researchers at Alibaba Mobile Security, a mobile antivirus division of Alibaba Group.
The list of recently compromised iPhone and iPad apps includes Tencent’s mobile chat app WeChat, car-hailing app Didi Kuaidi, and a Spotify-like music app from NetEase Inc, the report said.
The attack affected more than three dozen apps, according to US-based cybersecurity firm Palo Alto Networks.
The infected apps can transmit information about a user’s device, prompt fake alerts that could be used to steal passwords to Apple’s iCloud service, and read and write information on the user’s clipboard, according to experts.
In separate statements posted to social media over the weekend, Tencent, Didi Kuaidi and NetEase said their applications had been compromised but said no sensitive customer information had been lost.
At present, we haven’t discovered any loss of user information or assets as a result of this [breach], though the WeChat team will continue to monitor and do tests,” Tencent said.
A new, clean update of the WeChat app had been uploaded to the app store, it said.
– Contact us at [email protected]