XcodeGhost is the most well-known malware released so far for the company's iOS platform Apple Lossless Audio CODEC (ALAC), and I talked about him these days, I even introduced him to you list of applications infected by XcodeGhost to know what to avoid.
Apple has acknowledged the existence of XcodeGhost and took a series of measures to protect its users, and today comes the good news only applications uploaded to App Stores in China, Taiwan, Hong Kong or Macau seem to have been infected by this malware.
This means that applications from other App Stores are not affected by the XcodeGhost malware and you can rest assured because if you have not downloaded applications from the 4 previously mentioned, or others from nearby countries, then your terminals are safe.
Even if you downloaded applications infected with XcodeGhost, according to security researchers they are not really that dangerous as it was initially believed, they only take various generic data from the terminals, these being partially recorded by the servers that display advertisements.
XcodeGhost cannot run phishing attacks to steal passwords for iCloud, Google or other web services, it cannot steal data from applications, so it is mostly intended, probably, only to test Apple's vigilance and the security system of the App Store.
Despite the fact that XcodeGhost is not that dangerous, it seems that in reality not only 25 applications are infected, as Apple claims, but several thousand from the Asian App Stores, but no one has yet published an exact list of them.
XcodeGhost demonstrated without a doubt how the App Store can be infected with malware and if this was an exercise for a larger attack, then we can declare it a complete success and we can only think with fear about the future.
