The Intercept | Last week, Chinese app developers disclosed that an Apple programming tool had been hijacked to trick developers into embedding malicious software into apps for Apple devices.
The malware, called XcodeGhost, works by corrupting Apple’s Xcode software, which runs on Mac computers and compiles source code into apps that can run on iPhones, iPads, and other devices, before submitting them to the App Store. If a developer has XcodeGhost installed on their computer, apps that they compile include malware without the developer realizing it.
Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA’s annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden, The Intercept‘s Jeremy Scahill and Josh Begley described the CIA’s Xcode project in a story published in March.