Malware discovered on 39 apps in the Apple App Store
While past viruses on iOS were placed inside an app by the developer, created and published in the App Store to purposely create havoc, this malware enters an app without the knowledge of its developer. Since a rogue version of Xcode was used in this endeavor, the malware itself is being called XcodeGhost.
The malicious version of Xcode was apparently taken off Baidu by Chinese iOS/OS X developers instead of using the most up-to-date version of the IDE available from Apple. The infected version of Xcode has since been removed from Baidu. According to a report by Palo Alto Networks, XcodeGhost can be used by the hacker to remotely phish, or to take advantage of vulnerabilities on apps and the local system.
Some other apps infected include Railway 12306, the only official app in China to offer train tickets. Stock trading platform Tonghuashun, and China Unicom Mobile office are also infected. You can check out all of the malware infected titles by clicking on the sourcelink.
source: PaloAltoNetworks via RedmondPie