XcodeGhost: As discovered by the security company Palo Alto Networks on 17 September 2015, Chinese developers using a modified version of Apple's Xcode Integrated Development Environment (IDE) unknowingly distributed malicious software through a compiler called XcodeGhost.
As mentioned above, the malicious code made its way into iOS apps without the developers knowing it. Apple reportedly said nothing about the issue, and only yesterday confirmed that malware had gone into about 300 iOS apps, which were removed from the App Store.
Christine Monaghan of Apple told the Guardian:
"We have removed the applications from the App Store that we know have been created with this fake software. We work with developers to make sure they are using the right version of Xcode to re-develop their applications."
But where does the CIA come in? The Intercept reported on 10 March 2015 that, during a secret annual meeting where security researchers work with the Central Intelligence Agency (CIA) to share their latest discoveries, some of the researchers present reported creating a modified version of Xcode that is able to add backdoors to any application developed with it.
In addition, iOS applications created using the malicious Xcode IDE can steal passwords from devices and send them to a command-and-control center of the operators' choosing.
As revealed in the Intercept publication:
"It remains unclear how the secret services will make developers use the 'teased' version of Xcode."
The malicious software described by CIA security researchers has very similar features to XcodeGhost, and the way it could infect iOS apps matches the one used by XcodeGhost.
It should also be noted that a few days ago, as discovered by PixelsTech, an anonymous GitHub user posted what is said to be the source code of XcodeGhost in a new repository, stating in the description that the malware would not steal personal information from iOS users.
The user claims that XcodeGhost was designed to demonstrate that Xcode allows its configuration files to be modified and custom source code to be loaded.
Note that the only reason this story happened is that the Chinese developers were looking for a server from which they could download Xcode quickly. Remember that the Asian network APNIC can be very fast within Asia, but it "crawls" if someone tries to download something from Europe or America.
So the malicious Xcode installers distributed through Baidu's cloud file sharing service were readily picked up by Chinese developers.