Pixelbliss - Fotolia

Apple removes more iOS apps over security concerns

Apple has blocked more apps over security concerns just weeks after ridding the App Store of XcodeGhost malware

Apple has announced another round of removals from its iOS App Store over privacy concerns.

The move comes just weeks after the firm had to get rid of apps carrying the XcodeGhost malware and just days after news broke of the YiSpecter malware that can infect all pre-iOS 8.4 Apple devices.

Apple said it had removed "a few" applications from its App Store because of concerns that users' personal data could be compromised in certain circumstances, according to Reuters.

The company said the affected apps installed certificates that could expose data to monitoring by third parties, but did not say how many apps were removed from the App Store.

Apps with “root certificates” send user data to servers where it can be analysed, but that enables network providers to view encrypted traffic and puts users at risk of data breaches.

Ad blockers are among the apps that have been removed because they could use their root certificates to examine traffic passing through them at the packet level, bypassing encryption and other data protection methods, reports TechCrunch.

Apple said it was working with the developers involved to help them to get the apps back in the App Store as quickly as possible, while ensuring customer privacy and security.

The company said it would set up a support facility online to help users remove the risky apps from their Apple devices.

Read more about iOS malware

  • Malicious actors have found new ways to attack non-jailbroken iOS devices, but experts say the YiSpecter iOS malware may not be as dangerous as it sounds
  • The largest incident of iOS malware found in the Apple App Store has grown exponentially, as researchers find more than 4,000 apps infected
  • For the first time, a large amount of iOS malware has made it past Apple's App Store security controls, potentially affecting hundreds of millions of users
  • Security researchers discovered a new type of iOS malware that targets jailbroken devices and can allow attackers to take over the devices via iCloud

Lists of trusted root certificates for Apple operating systems are available on the support site.

The recent spate of malware in the App Store has called into question the efficacy of Apple’s autocratic and controversial walled garden approach.

Apple insists that its closed and closely regulated app ecosystem is essential for ensuring security and privacy, with every app undergoing a checking process before being admitted to the App Store.  

Some commentators have suggested that the rise in iOS malware will shake users’ confidence in Apple’s security.

However, independent security consultant Graham Cluley said the problem of malicious software remains much more significant for Google’s Android mobile operating system.

“Thousands of new Android malware samples are being discovered all the time. The good news for iOS users is that, for now at least, malware is a relative novelty,” he wrote in a blog post.

Read more on Privacy and data protection