
XcodeGhost, an Xcode trojan, was published just 1 week after Schneier's post - bitinn
https://twitter.com/bitinn/status/644941027023818753
======
bitinn
To add context:

<Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App
Store> [http://researchcenter.paloaltonetworks.com/2015/09/novel-
mal...](http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-
xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/)

<Hack Brief: Malware Sneaks Into the Chinese iOS App Store>
[http://www.wired.com/2015/09/hack-brief-malware-sneaks-
chine...](http://www.wired.com/2015/09/hack-brief-malware-sneaks-chinese-ios-
app-store/)

<How the CIA Might Target Apple's XCode>
[https://www.schneier.com/blog/archives/2015/03/how_the_cia_m...](https://www.schneier.com/blog/archives/2015/03/how_the_cia_mig.html)

Affected apps include:

\- WeChat, messaging app, around 500-600 mil users.

\- Railway 12306, the only official app for ordering Sinorail train tickets in
China.

\- Didi Taxi, Uber's main rival in China.

\- AutoNavi, the largest map provider in China, serving Google/Bing/Apple
maps.

\- China Unicom customer service, 1 of the 2 major ISP in China.

And many others.

