The Apple App store hack: China’s Internet controls played a part

Sep 21, 2015

China’s so-called Great Firewall, which keeps users inside the country from accessing Facebook, the New York Times, and other sites banned because they pose some threat, direct or indirect, to the ruling Communist Party, might be at least partly to blame for a hack that infiltrated the usually secure Apple App store in China.

Hackers targeted the software that developers use to create apps for Apple’s App store. In China, access to foreign websites can be spotty and slow. The hackers advertised a faster download of Xcode, Apple’s development tool kit, that was hosted not on Apple’s official servers but on Baidu Inc.’s (bidu) cloud service, which is widely used in the country and hosts very fast downloads.

The malicious version of the tool kit then compromised some of the most popular apps in China, including Tencent Holdings Ltd's (tcehy) WeChat, Tencent-backed Didi Dache, a streaming music service from Netease, and a train ticketing site.

“This is a significant compromise of Apple’s app store. Apple (aapl) notoriously manually reviews all app submissions and, in comparison to Android stores, has been relatively malware-free. This is the most widespread and significant spread of malware in the history of the Apple app store, anywhere in the world,” said Greatfire.org, an activist site tracking China’s Internet firewall.

“Xcode is usually obtained directly from Apple’s Mac App Store, but because large cross-border downloads can be slow and unreliable in China, in large part because of the government’s Internet controls, many users there turn to potentially unsafe unofficial sources,” the China Digital Times concluded.

One security analyst told Wired that consumers shouldn’t be overly worried if they downloaded the infected apps. “I wouldn’t worry too much,” he said. “If you made it really, obviously bad, probably [Apple] would catch it.”

Over the weekend, companies responded with updated versions of their apps, and Apple said it had removed the infected apps. Baidu took down the infected version of Xcode. Tencent said the hack didn’t expose users’ information.

China’s tight Internet controls appear to have backfired, for once very publicly, putting the country's own tech champions at risk.
