As promised, Apple has published a list of the top 25 iOS apps that were infected by China’s XcodeGhost hack. Apple posted the list to its XcodeGhost FAQ on Thursday. The company is urging iOS users to update apps affected by the app as soon as possible.
“After the top 25 impacted apps, the number of impacted users drops significantly,” Apple says, adding that it is working directly with developers to get affected apps back up for download.
Apple’s list of the top 25 apps affected by XcodeGhost (* indicates titles not currently available in the App Store):
A malicious version of Xcode had been uploaded to Chinese cloud file sharing service Baidu and downloaded by some iOS developers in China. Those developers then unknowingly compiled apps using the malicious version of Xcode, and then made those apps available on the iOS App Store.
Chinese developers commonly download new versions of Apple’s development studio from servers other than Apple’s official source, due to the large size of the app, which can take a long time to download in China. Apple hopes to address the issue by having an official copy of the software available to download on Chinese servers.
The Cupertino firm says there is no proof the malware had been used for anything malicious, and says the code can only deliver some general information about a device’s apps, and system information.
Versions affected were unofficial versions between Xcode 6.1 and Xcode 6.4. Affected iOS devices include any device running a version of iOS that is compatible with the infected apps. This can affect any iOS device, jailbroken or not.