Are you an iOS user? Then you might have already heard about the XcodeGhost that keeps infecting iOS devices. If you have yet to hear about it, we advise caution. This thing can be very dangerous. We are going to explain what the XcodeGhost is and what it has done that people consider it such a threat.
It all started on Friday last week, when Palo Alto Networks discovered and reported that 39 apps which could be found in the App store had been infected with Xcode or, more specifically, a rogue verision of it. The original Xcode is a development tool which comes in handy for iOS and OS X Apple apps. Palo Alto Networks is a well-known security research company, so everyone took their word for granted.
But 39 apps were found on Friday. Ever since then, the company discovered several other apps that were infected with XcodeGhost. Needless to say XcodeGhost is the malicious version of the tool that was bound to applications. The applications were then uploaded onto the Official App store, where it managed to bypass the malware defenses established within the iOS ecosystem.
All hell broke loose on Tuesday, when Appthority declared that the XcodeGhost was found in 476 apps. We can only imagine what those people felt like when they saw what catastrophe had befallen them.
Appthority declared that they “had a closer look at the data and were able to track the start of the infection to April 2015 with a significant uptick in infections over this last month of September”. So this wasn’t a one or two-month thing. The software has been around for a while and the things that it has been up to are not at all pleasant.
This hidden XcodeGhost code can apparently collect all information about devices that it has been installed on and can even access URLs. What is interesting is that the people behind the code could have added a good number of different dangerous features to it, but they decided to just stick to information. It is not harmful for now, but we know how far things can go with information nowadays.
Obviously, the malware is still out there and spreading fast. It would be rather pointless to rely on specific apps to detect it because of its sheer speed, but we can only hope that Apple is working to get this off its App Store and off our devices as soon as possible.
Photo Credits wikimedia.org