Hackers have infected one of China's most popular social media applications on Apple's App Store, Chinese internet firm Tencent says.

WeChat, an instant messaging application developed by Tencent, has hundreds of millions of users in China and around the world.

"A security flaw, caused by an external malware, was recently discovered affecting iOS users only on WeChat version 6.2.5," Tencent said in a statement posted on the Wechat blog, adding the flaw had been repaired.

"There has been no theft and leakage of users' information or money."


iOS is the operating system used by Apple's hugely popular iPhone and iPad devices.

Citing US-based cyber security firm Palo Alto Networks, the Wall Street Journal said the attack affected more than three dozen apps.

Apps infected by the malware - code-named XcodeGhost - could transmit information about a user's device, mount phishing attacks to try to steal passwords, and access clipboard information, it said.

Other firms said to be affected included Chinese ride-hailing app Didi Kuaidi, internet portal NetEase, and mobile phone operator China Unicom, among several more.

Apple reportedly said it had addressed the security breach and had teamed up with developers to help fix affected apps.

"To protect our customers, we've removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," it said, according to the Journal.