Cracks in the wall: China's 'Great Firewall' may share some blame for breach at Apple's App Store

Infected apps included internet giant Tencent's WeChat, and ride-hailing app Didi Chuxing

PUBLISHED : Tuesday, 22 September, 2015, 12:03am
UPDATED : Tuesday, 22 September, 2015, 5:01pm

Restrictive online access by China's controversial "Great Firewall" may have indirectly contributed to the first major security breach in Apple's online App Store that likely exposed millions of users to malicious software.

Separate analyses conducted by leading security companies Palo Alto Networks and Qihoo 360 Technology, as well as reports by major domestic internet firms, found that many mainland app developers had been enticed by hackers to use a fake version of Xcode - Apple's software toolkit for building apps for the iPhone and iPad - from an alternative website that claimed to be reputable and offered faster download speeds.

The malware, called XcodeGhost, can launch phishing attacks to dupe recipients into giving personal data, according to reports yesterday.

Sources familiar with the matter said mainland developers had long complained about slow downloads of Xcode and other business tools because access was squeezed by China's firewall, which blocks websites prohibited by online censors.

The malware situation was exacerbated by certain developers' practice of disabling their iOS apps' "gatekeeper" feature, which is supposed to alert them to counterfeit software.

Read more: Chinese have no need for websites blocked by Great Firewall, says Beijing official

Qihoo 360, from its analysis of 1.45 million iOS apps, counted about 344 infected apps created from the bogus Apple software. Palo Alto found at least 39 infected apps.

The infected apps included internet giant Tencent's messaging app WeChat, known as Weixin on the mainland, with about 600 million users as of June 30, and mainland ride-hailing app Didi Chuxing - previously called Didi Kuaidi - with more than 200 million users.

"To protect our customers, we have removed the apps from the App Store that we know have been created with this counterfeit software, and we are working with the developers to make sure they are using the proper version of Xcode to rebuild their apps," said a statement released by Apple yesterday.

The fix offered by Tencent, Didi and operators of other affected apps was for users to download their latest software updates.

"A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users' information or money," WeChat's blog said.