Last March, The Intercept released a comprehensive report detailing the CIA's "multi-year, sustained effort to break the security of Apple's iPhones and iPads."
This week, that news became relevant again after Chinese app developers said the App Store had been infected with malware similar to what the CIA had developed.
The original report from March described a secret meeting called "Jamboree" where security researchers showed off their latest tricks for getting behind Apple products. U.S. government researchers have reportedly been trying for nearly a decade to decrypt Apple's firmware.
That news became public as several major tech companies openly pushed back against pressure from senior U.S. and U.K. government officials who want them to make their products more accessible. Perhaps the loudest among that group was Apple CEO Tim Cook.
Part of what The Intercept unveiled was that the security researchers claimed to have developed a modified version of Xcode, Apple's "proprietary software development" tool. That tool is given to developers who make apps for the App Store, but if they were to get the CIA-modified version, it could potentially "enable spies to steal passwords and grab messages on infected devices."
Now, though, the issue has been raised again. Just this week, The Intercept followed up on the story with news that Chinese developers detected malware called "XcodeGhost" inside the App Store. Via The Intercept:
The malware, called XcodeGhost, works by corrupting Apple's Xcode software, which runs on Mac computers and compiles source code into apps that can run on iPhones, iPads, and other devices, before submitting them to the App Store. If a developer has XcodeGhost installed on their computer, apps that they compile include malware without the developer realizing it. Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA's annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden, The Intercept's Jeremy Scahill and Josh Begley described the CIA's Xcode project in a story published in March.
At least 50 apps inside the App Store have been infected, according to the security firm Palo Alto Networks. One of those apps is WeChat, an extremely well-known messaging app used primarily in Asia. The infected apps will do things like pop up prompts asking for your iCloud password.
If that sounds scary, it's because it is.