
XcodeGhost – A new threat affecting apps within Apple’s own App Store

September 28, 2015 | October 29th, 2019 | Article

Over the weekend, a new threat to iOS devices was discovered. This time the threat affects anyone who uses the App Store, not just jailbroken devices or third-party apps.

The program is called XcodeGhost, and it is a malicious version of Xcode, the Apple software that developers use to create apps. It works by hiding itself within the code of apps as they are created, and then again as they are uploaded to the App Store by developers. As reported by security firm Palo Alto Networks, the malware can receive commands from a remote server, which could force your iOS device to open web pages or create fake prompts to trick you into giving up your Apple ID and password. It could even possibly access data in your clipboard to steal passwords you have stored in a password management app.

The good news is that it largely affects apps in China. This is because XcodeGhost is downloaded through unofficial websites in China, where developers turn to them because of the long download times that can reportedly occur when downloading Xcode through Apple’s website. However, the apps you use might contain infected code too. See a list of infected apps here: https://bit.ly/AppStoreAppList . Apple has also reportedly removed all of the infected apps from its App Store.

Although this most recent threat may not have affected you directly, it does raise some interesting causes for concern. One is the string of threats to the iOS family of devices in recent months. More and more people are adopting iOS for their phones and tablets, making it all the more appealing to hackers. The other concern is that a loophole has been exposed in Apple's process: infected code can be disguised within an app during development. This loophole allows malware to sneak its way past Apple’s gates into the App Store. These days, it’s not just the consumers who are being targeted: the app developers themselves are a whole new target for hackers.
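For developers, the practical check that follows from this is confirming that the installed copy of Xcode really came from Apple. The script below is an added example, not part of the original article: it classifies the output of macOS's `spctl --assess --verbose`, with function names that are illustrative and trusted source values taken from Apple's published guidance for validating Xcode.

```shell
#!/bin/sh
# Added example: decide whether an Xcode bundle's Gatekeeper assessment
# shows an Apple origin. Function names are illustrative.

# classify_assessment TEXT -> prints "trusted", "untrusted" or "unknown".
# TEXT is what `spctl --assess --verbose <app>` printed, e.g. (constructed):
#   /Applications/Xcode.app: accepted
#   source=Mac App Store
classify_assessment() {
    # Flatten so the verdict and source may sit on one line or two.
    flat=$(printf '%s' "$1" | tr '\n' ' ')
    case $flat in
        *": accepted"*) ;;
        *": rejected"*) echo untrusted; return 0 ;;
        *) echo unknown; return 0 ;;
    esac
    # Pull out everything after "source=", minus trailing blanks.
    src=$(printf '%s\n' "$flat" | sed -n 's/.*source=\(.*[^ ]\) *$/\1/p')
    case $src in
        # Sources Apple lists as valid for Xcode. Anything else, including
        # a third-party Developer ID, is not a genuine copy.
        "Mac App Store"|"Apple"|"Apple System") echo trusted ;;
        *) echo untrusted ;;
    esac
}

# check_xcode [PATH] -> runs spctl on the bundle; succeeds only if trusted.
check_xcode() {
    app=${1:-/Applications/Xcode.app}
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found (macOS only)" >&2
        return 2
    fi
    # spctl writes its assessment to stderr, so capture both streams.
    out=$(spctl --assess --verbose "$app" 2>&1) || true
    verdict=$(classify_assessment "$out")
    printf '%s: %s\n' "$app" "$verdict"
    [ "$verdict" = trusted ]
}

# Run the live check only where spctl exists.
if [ "$(uname)" = Darwin ]; then
    check_xcode "$@" || true
fi
```

The assessment takes several minutes on a full Xcode bundle, and Gatekeeper must be enabled for it to be meaningful.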

It will be interesting to see how Apple responds to this latest threat, and to see if they are able to keep the largely safe iOS realm safe from hackers in the future.