XcodeGhost: a new malware infecting many popular iOS apps

September 19, 2015 by  
Filed under Apple iPhone

apple-security

A few dozen iPhone and iPad applications, most of them developed for China, have been infected with XcodeGhost, a malware that collects information on the devices and uploads that data to remote servers.

Among them is WeChat, one of the most popular instant messaging applications in the world.

Rather than exploit an iOS vulnerability, the malware in question sneaks its way into apps indirectly, by targeting Apple’s official compilers used to create legitimate apps. The malware was found to inject its malicious code into a Mach-O object file that was repackaged into some versions of Xcode, Apple’s official tool for developing iOS and OS X apps.

These Trojanized Xcode installers were then uploaded to Baidu’s cloud file sharing service used by Chinese app developers, explains Palo Alto Networks. The malicious code then inserts itself into any iOS app compiled with the infected Xcode without the developers’ knowledge.

It’s not Apple’s fault, really: this would have never happened had these developers downloaded Xcode files directly from Apple. Baidu has since removed all of the infected files from its servers and some of the infected apps have since removed the malware code in their latest builds…. Read the rest of this post here


XcodeGhost: a new malware infecting many popular iOS apps” is an article by iDownloadBlog.com.
Make sure to follow us on Twitter, Facebook, and Google+.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!