Chinese developers have discovered a new OS X and iOS malware dubbed XcodeGhost that has appeared in malicious versions of Xcode, Apple’s official toolkit for developing iOS and OS X apps. The hack of Apple’s Xcode involves infecting the compiler with malware and then passing that malware onto the compiled software. Once the malware has established a foothold on infected devices, it has the ability to phish user credentials via fake warning boxes, open specific URLs in a device’s web browser, and even scrape the clipboard. WeChat, Chinese Uber-like cab service Didi Kuaidi, photo editor Perfect365, music streaming service NetEase, and card scanning tool CamCard were found to be infected.
Source: https://thehackernews.com/2015/10/xcodeghost-ios-malware.html