XcodeGhost

XcodeGhost is iOS malware that infected at least 39 iOS apps in 2015 and potentially affected millions of users. [1] [2]

ID: S0297
Aliases: XcodeGhost
Type: MALWARE
Platforms: iOS

Version: 1.1

Alias Descriptions

Name | Description
XcodeGhost | [1] [2]

Techniques Used

Domain | ID | Name | Use
Mobile | T1414 | Capture Clipboard Data | XcodeGhost can read and write data in the user’s clipboard. [2]
Mobile | T1474 | Supply Chain Compromise | XcodeGhost was injected into apps by a modified version of Xcode (Apple's software development tool). [1] [2]
Mobile | T1411 | User Interface Spoofing | XcodeGhost can prompt a fake alert dialog to phish user credentials. [2]

References