Recently thousands of apps on the apple app store were found with malware. They were infected by a program called XcodeGhost. XcodeGhost is ios malware which is hidden in a modified version of Xcode which is an ide for ios and os x apps. The malware could be controlled from command and control servers and it could steal apple id’s and passwords and control the infected apps.
The infected apps are mostly Chinese apps because developers in China can’t download the official version of Xcode from Apple because of internet restrictions. XcodeGhost is hosted in china and developers are more likely to download it because it is much faster than downloading the official Xcode from apple servers hosted in the US.
“Since the initial reports, possibly thousands more iOS apps have been identified as infected; iOS hackers Pangu Team said it found more than 3,400, while Appthority found 476 apps and Qihoo 360 listed another 350.” One of China’s most poplar search engines called Baidu was infected and might have infected a ton of people.