14 DAY TRIAL // In an article on their support website directed at Chinese customers, Apple describes in layman's terms how iOS users were affected and what the company will do to make sure that developers from China won't have to download the Xcode IDE from dubious sources again.
As expected, after acknowledging the XcodeGhost problem and removing the infected apps from their App Store, Apple has now published an article detailing how the malware affected iOS users who ran the malicious apps on their devices.
Moreover, according to Apple, there is "no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used."
Apple says that apps infected with the XcodeGhost malware were not able to steal passwords from iOS devices
Furthermore, Apple is "not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords."
Developers who had apps affected by XcodeGhost are now working around the clock to provide new clean builds of their apps to replace previous versions built using the counterfeit Xcode copy.
Future submissions of affected apps will be blocked, and users of infected apps will be alerted
From now on, Apple also states that it will automatically block all app submissions containing any traces of the XcodeGhost compiler malware and is working with developers to get back on the App Store each and every app that was infected and removed.
Apple goes on to say that all iOS users who downloaded one of the affected apps will be alerted and that they are also working on a method to provide Chinese developers with a faster way to download the Xcode on their Macs to prevent a similar problem in the future.