SAN FRANCISCO — Hackers have found their way into Apple’s App Store.

Apple confirmed on Sunday that a tool used by software developers for the company’s devices was copied and modified by hackers to put bad code into apps available on the App Store.

So far about 40 apps with malicious code, or malware, have made it into the App Store, said researchers at Palo Alto Networks, an online security company that is investigating the incident. In a blog post, the security company said the breach could potentially affect hundreds of millions of users.

The list includes some of the most popular apps in China, like the ride-hailing app Didi Kuaidi. Many of the apps are popular elsewhere as well, like the messaging app WeChat, which has about 500 million users, and the business card scanner CamCard. The Chinese online security company Qihoo said it has found more than 300 infected apps.

The fake developer code “was posted by untrusted sources,” said Christine Monaghan, an Apple spokeswoman. “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software.”