Malware Targets iOS Versions Of China’s Big-Name Apps: Didi, WeChat, NetEase
A handful of China’s most popular apps have been infected by malware aimed at iOS devices, including Kuaidi Didi, WeChat and NetEase Music.
The breaches were made when developers used an unauthorized version of the Apple developer tool kit, a relatively common practice in China. According to U.S. cybersecurity firm PaloAlto Networks, the flaw affected over three dozen apps.
There has been an increasing number of iOS viruses and breaches targeting Chinese users recently. The problem highlights the country’s continued love affair with black market app stores and plagiarized software.
The breach apparently affected several functions within the apps, but did not reveal personal data or compromise payment information. The malware could gather information about the device, prompt fake alerts with the intention of stealing Apple iCloud passwords, and read information from a user’s clipboard.
An handful of high-profile companies came out with statements over the weekend noting that there had been a breach but that upgraded versions of the app would fix the issues.
According to WeChat, the country’s largest social media network, “a preliminary investigation into the flaw has revealed that there has been no theft and leakage of users’ information or money, but the WeChat team will continue to closely monitor the situation.”
Earlier this month a separate malware attack dubbed ‘KeyRaider’ stole over 225,000 iOS logins, targeting flaws in jailbroken phones.
“The purpose of this attack was to make it possible for users of two iOS jailbreak tweaks to download applications from the official App Store and make in-app purchases without actually paying,” said Palo Alto at the time.
As the biggest market of Apple’s iPhone, China’s susceptibility to jailbreaking and black market app stores makes it an increasingly vulnerable market for malware. Last year malware originating in China, ‘Wirelurker’, reportedly affected over 450 app downloaded over 365,000. The breach affected non-jailbroken iOS phones fro the first time signaling that “bad actors are getting more sophisticated,” according to Palo Alto.