China’s slow internet may be to blame for the biggest hack in the history of Apple’s App Store.
According to Claud Xiao, a security researcher at the online security company Palo Alto Networks, developers in China sometimes turn to online forums instead of companies for software because it can take so long to download large files from Apple’s servers, which are outside of China.
Such was the case with Xcode, the official Apple software developers use to make iPhone apps.
Developers in China used a tainted version of Xcode, known as XcodeGhost, rather than the official version from Apple, to develop iPhone apps. As a result, hundreds of apps, including popular ones like WeChat, Angry Birds 2, and Didi Chuxing, a ride-hailing app, became infected with malware.
As Josh Horwitz writes in Quartz, websites based outside of China are slower than sites within the country because the activity is monitored by the government. This is known as “The Great Firewall.”
Horwitz searched for a download Xcode using the Chinese search engine Baidu, and found four different forums where people could get unofficial versions of the software toolkit. All of the results appeared in search results above Apple’s official version.
According to Palo Alto Networks, the malware can create fake alerts that pop up on your phone and request sensitive information, like passwords and login credentials.
Apple has removed affected apps from the App Store. But to protect yourself from the hack, security experts recommend making sure all of your apps are up to date and exercising vigilance when prompted to enter information in apps.
Business Insider Emails & Alerts
Site highlights each day to your inbox.