AnsweredAssumed Answered

QN9020 OTA SDK infected with XcodeGhost malware

Question asked by Chris Darrow on Feb 20, 2017

A virus scan revealed that files in the OTA SDK are infected with the XcodeGhost malware.  The infected files include:

 

QBLUE SDK\OTA IOS.zip

QBLUE SDK\QPP_iOS_v1.2.4.zip

 

Here's some information on this malware:

 

https://en.wikipedia.org/wiki/XcodeGhost

 

This means that the application itself is compromised when installed on a device.  It can be remotely controlled, and can access any data in the phone clipboard.  

 

Short of rebuilding from sources on a known good Xcode environment, I don't know of any way to correct this problem.  If you are able to provide a clean version, we would appreciate it.

 

Do you have any newer version of the app you could provide us a binary for? Alternatively, we could recompile from source if you could provide that to us.

Outcomes