Immunize apps against XcodeGhost and other harmful 3rd party code

AppDome, the market leader in mobile application protection, announced today that mobile app owners who use AppDome, its dynamic application App Fusion, can consider their mobile app immune to the XcodeGhost attack vector.

A vulnerability aimed at exposing data-at-rest, XcodeGhost infects the iOS compiler and compromises an app before it even makes it to the App Store. This is a significant security issue for financial services companies and other enterprises who own mobile apps, many of which store customers’ personal data and server login information.

App fusing is a process that provides an extra layer of security once a mobile app’s development and testing phases are complete. AppDome’s AppDome provides protection against a wide range of threats, including OS-related issues and use of malicious or privacy- infringing 3rd party SDKs or plugins.

“As with XcodeGhost, app developers use 3rd party code to streamline the development process – which often includes either malicious, vulnerable or privacy-infringing code without their knowledge,” says Avi Yehuda,  Chief Technology Officer, AppDome.

“While secure coding is essential to any mobile app security strategy, it’s clear that companies need a consistent, high-security, tool-based approach that doesn’t impede release cycles or app performance.”

The company’s multi-layered App Fusion solution implements pharming prevention  across all communication channels. As a result, once malicious code is detected, the appropriate preventative action is automatically applied by the App Fuse. In this specific case, it acts to nullify the impact of the XcodeGhost threat.

About AppDome

AppDome provides an essential shield that secures enterprise and consumer-facing apps from advanced cyber threats, mobile fraud and data leakage. Recognized by Gartner as a 2015 Cool Vendor in Mobile Security, AppDome helps organizations find the right balance between security and usability in the mobile threat landscape.

AppDome’s dynamic App Fusion solution is based on the application binary level, which completely eliminates the need for source code modifications and SDK integration during the development life cycle.

The company’s dynamic app protection technology is used by the world’s leading financial, healthcare and eCommerce enterprises to ensure productivity, compliance, and security for consumers and employees.

For more information on mobile App Fusion and threat mitigation, visit


Avita Flit

Have a question?

ask an expert

AlanWe're here to help
We'll get back to you in 24 hours to schedule your demo.

Search Appdome Solutions

Blog Post 4 Reasons Existing Waf Anti Bot Solutions Fail To Protect Mobile

4 Reasons Existing WAF Anti-Bot Solutions Fail To Protect Mobile

Traditional anti-bot solutions, like Web Application Firewalls (WAFs), struggle to protect against most mobile-based attack vectors, resulting in significant blind spots in organizations’ API defenses, highlighting the need for advanced mobile-specific bot defense solutions.