Security Blog

"XcodeGhost": a recently discovered iOS malware

XcodeGhost is a recently discovered iOS malware believed to originate from a malicious version of Xcode, Apple's official tool for developing iOS and OS X apps. The malware puts the device at risk by collecting information and sending it to a command and control server. The information may include details such as time zone, device, apps and network.

All unofficial versions between Xcode 6.1 and Xcode 6.4 are affected by this malware. The distribution is carried out by the Chinese cloud service Baidu. Chinese developers download the infected tool without knowing that it can infect the iOS apps they compile. Somehow these maliciously built apps manage to sneak through Apple's code review process and make their way to the App Store.

According to the findings, apps developed with XcodeGhost can affect iPhone, iPad and iPod devices. Apple is working on removing the infected apps from the App Store and is also working with developers to make sure that they use the proper version of Xcode.
