Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Lists Top 25 Apps Compromised by XcodeGhost Malware
- Thread starter MacRumors
- Start date
- Sort by reaction score
This list is far from complete. CamScanner, an app in the top 10 for Productivity, was just updated acknowledging XCodeGhost problems. Yet, it is not listed in this top 25. Similarly, no word on the other app I had on my phone: Mercury 9.0.1 which is no longer available, but that also was on another list of infected apps. It's been a week and there is still no explanation or direct warning from Apple to their users. I deleted both apps preventively, and I am not sure if any data was compromised. Pretty lackadaisical for the biggest tech company out there.
#78 comments and nobody's even bothered about an app called "CarrotFantasy" even existing, let alone being in the top 25..
wow.
wow.
Apple is handling this situation is extremely bad. First off they should have been swift at removing ALL the apps affected. Secondly an email should have been sent to everyone with the whole list of apps affected by this.
I shouldn't have to go to 3rd party sources to find out which apps were affects. Apple should have informed us.
I shouldn't have to go to 3rd party sources to find out which apps were affects. Apple should have informed us.
I really think Tim Cook has to stop going on stage in keynotes and bragging about how many millions of apps iPhone has.
Obviously he should focus on a platform of quality rather than a platform of quantity. Apple has to still seriously pull up their socks when it comes to platform security. They are the new Microsoft, period.
Standing up on stage going on about how many millions of apps iOS has, when 70% of them are not downloaded once and the average rating of an app is less than 1 star, and now a new malware problem, this is nothing to brag about.
Obviously he should focus on a platform of quality rather than a platform of quantity. Apple has to still seriously pull up their socks when it comes to platform security. They are the new Microsoft, period.
Standing up on stage going on about how many millions of apps iOS has, when 70% of them are not downloaded once and the average rating of an app is less than 1 star, and now a new malware problem, this is nothing to brag about.
Just a moment... I think my new iPhone 6s is coming in from China... Clearly a lot of folk spent good money on iPhones and iPads and then fill them up with CRAP - CarrotFantasy! - you couldn't make it up...
How would a third party get these figures? I understand that Apple would have the capacity to scan apps, but outside security companies? Would they have had to download over 4000 apps and examine them locally?
Perhaps a developer could pitch in with an answer.
They have already said they will be in touch, I'm sure via email to your registered AppleID. They probably need to get all their ducks in a row; understand how many are affected, what the consequences are, get any statement passed by both the marketing and legal departments etc. No point going off half cocked.
80% of all apps in any app store are probably junk. I'd much rather have 200,000 great apps than 10 million crApps.
PhoneArena is listing 85 affected apps. I had OPlayer on multiple devices to play Windows Media attachments, as does someone at work.
http://www.phonearena.com/news/These-are-the-85-iOS-apps-affected-by-the-XcodeGhost-malware_id73932
Last edited by a moderator:
80% of statistics are junk....... The fact that a store is normally filled with junk does not justify another to be the same, especially if the owner brags about it...and against other store that are "filled with junk".
People tend to justify because someone else did it first, if we go by that standard, all car manufacturer should be allowed to cheat in light of what VW did....after all they did it why can't Chevy do the same?
I don't have anything from top 25, but I had OPlayer, which was mentioned in earlier list.
I used to live in China for work and still use Wechat to communicate with my friends back in Beijing. Wechat is a big deal since it is an essential smartphone app in China.
Chinese dev (and any other dev) could upload app in any region. Many apps from list in US store too.
I'm wondering out loud though whether, if left unchecked, this malicious code could spread to other Apps, or embed itself in mainstream software? Possibly circumventing 'sandboxing'? Devs?.....
I would not trust any of those lists to be 100% correct. Some blogger read some other lists and is just passing them on, so any errors propagate. What I would do with a suspect app is go back to the App store and see whether it has been pulled or updated. There is one item on that list in which the developer insists he is XCodeGhost-free (there is a similarly named app that IS infected) and is frantically trying to get the owners of these lists to correct them. Good luck; he is probably going out of business due to someone's clerical error. It's funny, but he would be better off falsely stating he was infected, and issue an update with the same code.
Probably the same reason you want to know why it's important to MH01: curiosity.
To be fair, he didn't say it was important. He said I wonder.Besides, the situation is still developing. There is a lot not known about this and there's a crap ton of supposition floating around. Vague statements from Apple don't help. Stuff like: "After the top 25 impacted apps, the number of impacted users drops significantly." Wth does drops significantly mean?