Apple has named the top 25 apps infected by the XcodeGhost malware, stating that “the number of impacted users drops significantly” for other compromised apps. Most security researchers now agree that the total number of infected apps is in or around four figures, with many of them still present in China’s App Store … 


Apple states that it is working with developers to get clean versions of the apps back into the App Store, with eight of the most popular apps not yet restored, including Angry Birds 2 and China Unicom’s Customer Service app.

The company has also confirmed that it is blocking submissions of new apps infected by XcodeGhost, but has not yet made a statement on its plans for removing the remaining affected apps still available for download.

The full list posted by Apple is:

  • 58 Classified
  • Angry Birds 2
  • Baidu Music
  • Battle of Freedom
  • Call Me MT 2
  • CarrotFantasy
  • CarrotFantasy 2
  • China Unicom Customer Service
  • Dark Dawn
  • DiDi Taxi
  • DuoDuo Ringtone
  • Encounter
  • Flush
  • Flush HD
  • Foreign Harbor
  • Gaode Map
  • Heroes of Order & Chaos
  • Himalaya FM
  • I Like Being With You
  • Let’s Cook
  • Miraculous Warmth
  • NetEase Music
  • One Piece
  • Railroad 12306
  • WeChat

Only apps on the App Store serving Greater China were infected.

Apple is taking steps to make the genuine version of Xcode available for download on Chinese servers, after it found that developers were tricked into downloading the fake version while seeking faster downloads locally, and has provided a tool to validate existing copies. Phil Schiller has stated that the infected apps do not allow access to user data, and this has been confirmed by independent researchers.

About the Author

Ben Lovejoy's favorite gear