Now Reading
XcodeGhost iOS Exploit Source Code Released

XcodeGhost iOS Exploit Source Code Released

by P. H. MadoreSeptember 25, 2015

Earlier this week, a malware developer did something unexpected: turned over his code to the public. The unknown developer is presumably Chinese, given that his “ReadMe” file is written in Chinese. While Google translate was not exactly efficient at converting the Chinese to English, the overwhelming tone of the file is that of remorse and pleasantries.

First of all, I XcodeGhost event to bring confusion apologize. XcodeGhost from my own experiments, without any threatening behavior, as detailed in the source code.

The document goes on to outline the fact that XcodeGhost is not the kind of exploit which could be forced on developers. The hacker did acknowledge that he had the opportunity to exploit advertising features in the infected apps, but chose not to.

Solemn note is required: for selfish reasons, I joined the advertising features in the code, hope can promote their applications (off the source code can be compared to the Annex do check). But in fact, from the beginning to the final shut down the server, I have not used the advertising function.

“Dead Code”

Throughout the document, the programmer uses the term “dead code,” which is hard to translate into words we might use. It has been said that this hacker could have sold such an exploit to the CIA, NSA, or any major government, anywhere in the world, given the iPhone‘s global popularity. An exploit like this could have netted him any price he named, like as not. As previously reported by Hacked, the NSA had been looking into doing something much like what the malware developer did.

The three letter agencies could have even used their powers to force app developers to insert the malicious code. Rather than enrich himself, however, the programmer decided to go public with his code, presumably in hopes that the hunt for him will cease and the vulnerabilities will be fixed. This was the first major breach of the Apple App store since its inception in 2009.

Featured image from Shutterstock.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it
  • Andrea van de Kleut

    the “net ” will become an “info only” type of resource , because all actual public that buys , sells, shops online will be too afraid to actually make any purchases , sell anything, or buy anything. hackers are watching and hacking ALL the time. I myself have made myself the promise to buy less and less, until such time i will only use ” the net” for informational purposes. and have items sent to store for me to pick up , etc.etc. it is just too dangerous to do anything online anymore , other then watch TV, listen to music and email friends.

    • P. H. Madore

      The Internet was still mostly as you describe when I started using it, and I liked it better that way.

      However, things like Bitcoin are a lot safer for online purchases than credit card processors. I encourage you to check it out —