Apple Lists Top 25 Apps Infected With XcodeGhost Malware

Apple has taken the opportunity to provide some additional information about a number of third-party iOS apps that were recently discovered to be infected with the XcodeGhost malware. After the existence of the XcodeGhost trojan filtered down into the public domain, Apple took a number of steps to not only combat the issue, but also provide clarification on what it means to users, developers, and how it plans to rectify the problem and ensure that it doesn’t happen again. Now, as an addendum to that info, the Cupertino-based company has listed the top 25 apps that have been affected by the malware.

The official XcodeGhost FAQ on the Chinese version of the Apple website has now been updated with the additional information. The recently added information provides the public with additional information about applications that have been infected by the malware by focusing on what Apple deems to the the top 25 most popular apps. These are likely the third-party apps that the company believes have been downloaded the most times, or that are installed on the most iOS devices across the world, therefore potentially infecting the most people.


Notably popular apps such as WeChat, Angry Birds 2, and DuoDuo Ringtone are included in this list. WeChat for example, which is an extremely popular messaging application in the Chinese market, had approximately 600 million active accounts as Q2 2015. Along with the list of applications, Apple also provides some helpful information on what users can do if they are in ownership of one of the affected apps. The advise appears to be to immediately update the app if there is an update available on the App Store, or if no update is available, to just delete the app and wait for the developer to submit updated malware-free version of the app. If the app is still available to purchase or download then it’s already been given an update to rectify the problem.

The full list of top 25 affected apps according to Apple is as follows.

Note: Those listed in bold have temporarily been pulled from the official iOS App Store while an update is provided to remove the XcodeGhost threat. So if you have any of those in bold installed on your device, delete them immediately.

  • WeChat
  • DiDi Taxi
  • 58 Classified – Job, Used Cars, rent
  • Gaode Map – Driving and Public Transportation.
  • Railroad 12306
  • Flush
  • China Unicom Customer Service (Official Version) 
  • CarrotFantasy 2: Daily Battle
  • Miraculous Warmth
  • Call Me MT 2 – Multi-server version
  • Angry Birds 2 – Yifeng Li’s Favorite
  • Baidu Music – Music Player with Downloads, Ringtones, Music Videos, Radio & Karaoke
  • DuoDuo Ringtone
  • NetEase Music – An Essential for Radio and Song Download
  • Foreign Harbor – The Hottest Platform for Oversea Shopping
  • Battle of Freedom (The MOBA mobile game)
  • One Piece – Embark (Officially Authorized)
  • Let’s Cook – Receipes
  • Heroes of Order & Chaos – Multiplayer Online Game
  • Dark Dawn – Under the Icing City (the first mobile game sponsored by Fan BingBing)
  • I Like Being With You
  • Himalaya FM (Audio Book Community)
  • CarrotFantasy
  • Flush HD
  • Encounter – Local Chatting Tool

apple xcode

It remains extremely good practice to exercise caution and vigilance. After all, you can never be to careful when it comes to protecting your account credentials from malicious individuals intent of accessing your data.

As to how did the malware get into all these apps, to cut the long story short, developers, mostly from China, downloaded an illegal version of Xcode from a third-party site which added malware as part of the compiled apps. While Apple provides Xcode tool for free to developers on the Mac App Store, these developers opted to download the illegal version of Xcode because Apple servers are slow to download from in China.

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.