Should iPhone users be worried about malware in WeChat and other popular Chinese apps?

By Ella Wong, September 22, 2015


As you may have heard, Apple has pulled a number of apps made by Chinese developers from the App Store – among them WeChat, Didi and China Unicom – because they contain malicious code that could be used to steal data from users.

Apple has famously rigorous standards to ensure iOS apps are safe, and this major breach is considered the first large-scale attack on the App Store.

How did this happen?

The infected apps were all made with a counterfeit version of Apple’s Xcode, a software development tool used to make iOS apps. Most app developers download the official Xcode software from Apple’s website – but as we all know too well from painful experience, downloading files in China from overseas servers can be very time-consuming indeed. It’s likely that Chinese app developers downloaded the counterfeit version of Xcode – which the hackers had put on Chinese servers and distributed on Chinese websites – simply to save themselves some mafan.

Which apps are affected?

China’s state-run broadcaster CCTV puts the total number of affected apps at around 350. They include some of China’s most popular apps from some of the country’s biggest and most trusted names, among them:

· WeChat
· Popular car-hailing app Didi Chuxing
· Official train ticket booking app 12306
· Gaode map app
· NetEase’s music app
· China Unicom’s account management app
· CITIC banking app

Here’s a list of the first batch to be detected.

What does the malware do?

A number of capabilities have been ascribed to the malware that would potentially allow the hackers to do the following:

· Steal user data
· Steal logins and passwords
· Open dangerous websites
· Push ads and fake alerts to devices

Who’s behind the attack?

On Sunday, a Weibo account named XcodeGhost-Author claimed responsibility and apologized, saying the malware was an “accidental discovery” that was distributed as “a one-time, mistaken experiment.”

According to the Wall Street Journal:

“The message said the user inserted code that would have allowed the pushing of ads to devices but that the function was never exploited. The message added that the malware collected only basic data. ‘And 10 days ago, I actively shut down the server and deleted all the data, so it will not have any effect on anyone,’ it said.”

Of course, it’s not possible to verify if the message really came from the hackers, or how innocent their intentions really were.

Should I be worried?

At this point, it’s difficult to be sure whether or not malicious hackers have obtained the kind of data (personal information, passwords, photos and so on) that you should be worried about. Having said that, there’s probably no need to panic. Per China Digital Times:

“According to [security firm] Palo Alto Networks’ technical analysis, the currently compromised apps gather mostly innocuous data including the time; infected app’s name and bundle identifier; the name, type, UUID, and language and country settings of the device; and the type of network to which it is connected.”

Security researcher Charlie Miller agrees, telling Wired: “I wouldn’t worry too much” because “the apps that did get through didn’t seem to do any really nasty stuff.”

It’s still advisable to remove any affected apps from your phone just in case.

So… I should uninstall WeChat from my iPhone?

The thought that you might have to abandon your epic collection of stickers and resort to communicating with friends via actual text – as in words in an SMS like it’s 2012 or something – might be too much for some. The good news – if you trust Tencent – is WeChat claims the malware was only detected on an old version (WeChat v. 6.2.5), and as long as you install or upgrade to the latest version (6.2.6), currently available in the App Store, you’ll be fine. They also say, “A preliminary investigation into the flaw has revealed that there has been no theft and leakage of users’ information or money, but the WeChat team will continue to closely monitor the situation.”


[Sources: CNN, BBC, Wall Street Journal, China Digital Times]
