About Recent iOS Malware XCodeGhost



#1
hotsjf


Hey guys,

Yet another malware targeting iOS devices, NOT only jailbroken devices though, but all iOS devices, called XCodeGhost.

It is massively distributed in the Chinese App Store; I think it's still safe in other App Store apps.
The malware is introduced into the app by using a tampered XCode to compile the source code.

You may ask, why use a tampered XCode? Well, in some countries, like China, downloading a 3.6GB tool from Apple's servers is insanely slow, so people go after faster mirrors.

The infected app will send out user information (not important though) to a server, and may display popups and open up URLs.

Here is a story written by Forbes: http://www.forbes.co...pple-app-store/

I will update this topic if I find any non-Chinese apps that got infected.

P.S. One of the most popular Chinese apps, WeChat (version 6.2.5 ONLY), got infected. If you installed it, you may wanna change your App Store password.



#2
hotsjf

The author of XCodeGhost posted an explanation, saying XCodeGhost is not harmful, just an experiment, and open-sourced it:


https://github.com/X...urce/XcodeGhost

#3
luudaigiang


How to check if your phone is infected by the xcodeghost malware:

 

http://superphen.co/...eghost-malware/