Last week, Chinese app developers disclosed that an Apple programming tool had been hijacked to trick developers into embedding malicious software into apps for Apple devices.
The malware, called XcodeGhost, works by corrupting Apple’s Xcode software, which runs on Mac computers and compiles source code into apps that can run on iPhones, iPads, and other devices, before submitting them to the App Store. If a developer has XcodeGhost installed on their computer, apps that they compile include malware without the developer realizing it.
Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA’s annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden, The Intercept‘s Jeremy Scahill and Josh Begley described the CIA’s Xcode project in a story published in March.
Security firm Palo Alto Networks has published detailed technical analyses of the malware. At least 50 apps have made it into the App Store with this malware, including WeChat, one of the world’s most popular messaging apps, with hundreds of millions of users, primarily in Asia. Apps infected with XcodeGhost malware are capable of popping up fake alerts asking for credentials, such as the user’s iCloud password; reading what has been copied to the clipboard, such as passwords from password manager apps; and exploiting other parts of iOS. It’s not clear who is behind the malware or if they are based in China.
Windows 10 has the same unscrupulous manner, another ‘watcher’. We have much to worry about requiring a cohesiveness of the populous to face these unscrupulous assholes that would throw our collective gains away in favor of instant profit and payola for the few willing to snitch on the many. BAH!!