More than three-dozen apps – including many of the most popular in China, such as Tencent’s WeChat and ride-hailing service Didi Kuaidi – have been found to be infected with malware due to developers having used a corrupted iOS development tool kit hosted on Baidu’s cloud service, The Wall Street Journal reported, citing Alibaba Group Holding’s mobile antivirus division and US-based online security firm Palo Alto Networks. Developers had used the mainland cloud service because China’s Internet filters made downloading directly from Apple too slow. The infected apps can leak information on a user’s device and send fake alerts to steal passwords to the Apple iCloud service. Statements posted to social media by companies whose apps had been affected maintained no sensitive customer information had been lost.
For more on cybersecurity in China, see CER’s latest in-depth report.