Pangu released tool to check if your iPhone is infected by the XcodeGhost malware

It has been widely reported that the XcodeGhost malware has affected dozens of legitimate apps in the Chinese App Store with 76 popular apps being affected so far, reported by iFeng News, including WeChat, apps from China Mobile and Citic Bank, etc.

Pangu XcodeGhost Malware

Before we can see a fix from Apple or app developers, the well-known jailbreak team, Pangu team, has recently cooperated with UCloud and released a tool, with some additional help on the affected app list from 360 (that cooperated the TaiG jailbreak team) to check if your device is affected by the XcodeGhost malware. Here’s how to do it:

Head over to the XcodeGhost malware checking tool page under Pangu’s site here from your mobile browsers, works on both Safari and Chrome. Click the blue button with white words 立即下载 to initiate the installation of the tool. Click install when you see the prompt message.

Pangu XcodeGhost Malware tool 1

After downloading and installation, once you launch the app, you will be prompted as this enterprise app is not trusted on your iPhone.

Pangu XcodeGhost Malware tool 2

So open the Settings App, go to General, scroll down to Profiles, go into Profiles and you will see the profile named as Shenzhen Avaintel Technology Co., Ltd. to be trusted at your action. Tap it and press the Trust button when you get prompted with the message below.

Pangu XcodeGhost Malware tool 3

Now you are good to go. Go back to Homescreen and open the XcodeGhost malware checking tool. Press the button in the middle titled “点击检测Xcode病毒” and it will start checking. You will see a big green tick if you are not affected. Otherwise, it will advise you with what is infected and to be removed from your device temporarily until it was fixed by the developers.

Pangu XcodeGhost Malware tool 4

Hope this help you out in checking if XcodeGhost malware infected on your device. Thanks for reading!

Update #1: over 3400 apps were found infected by XcodeGhost as per the Pangu team. And some download sites/gaming engines may be affected too. This may spread out to Android as well.

Update #2: The app now support scanning list of over 4000 infected apps. If you have installed the first version, launch the app and it will prompt you to update.

Pangu XcodeGhost Malware tool 7

9 Comments Add yours

  1. McArthur says:

    This is so funny. I can check if an untrusted code is on my phone, by installing a tool from an untrusted developer? This is excactly how you would inject said untrusted code in the first place. Doing this could get you in even more trouble that XcodeGhost could.


  2. Mohammad al'Pedo says:

    What malware will this install I wonder? Nice try hackers.


    1. Your Name says:

      This is real, Pangu is a well known iOS hacking group and this Xcode ghost is real

      Liked by 1 person

  3. Robert says:

    Every time I click on the Pangu link it times out. Anyone know how I would check fo xcodeghost? My ISP actually sent me a message saying one of my iOS devices had it… but I have several and need to check conclusively which one!


  4. Robert says:

    Forgot to subscribe to new comments on this post.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.