UPDATE: Since this report's original posting on September 17, three additional XcodeGhost updates have been published, available here, here and here.

On Wednesday, Chinese iOS developers disclosed a new OS X and iOS malware on Sina Weibo. Alibaba researchers then posted an analysis report on the malware, giving it the name XcodeGhost. We have investigated the malware to identify how it spreads, the techniques it uses and its impact.

XcodeGhost is the first compiler malware in OS X. Its malicious code is located in a Mach-O object file that was repackaged into some versions of Xcode installers. These malicious installers were then uploaded to Baidu’s cloud file sharing service for use by Chinese iOS/OS X developers. Xcode is Apple’s official tool for developing iOS or OS X apps and it is clear that some Chinese developers have downloaded these Trojanized packages. (UPDATE: Following notification by Palo Alto Networks of malicious files hosted on their file sharing services, Baidu has removed all of the files.)

XcodeGhost exploits Xcode’s default search paths for system frameworks, and has successfully infected multiple iOS apps created by infected developers.