XcodeGhost

XcodeGhost is iOS malware that infected at least 39 iOS apps in 2015 and potentially affected millions of users. [1] [2]

ID: S0297
Type: MALWARE
Platforms: iOS
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1414 Capture Clipboard Data XcodeGhost can read and write data in the user’s clipboard.[2]
Mobile T1474 Supply Chain Compromise XcodeGhost was injected into apps by a modified version of Xcode (Apple's software development tool).[1][2]
Mobile T1411 User Interface Spoofing XcodeGhost can prompt a fake alert dialog to phish user credentials.[2]

References