Immunize apps against XcodeGhost and other harmful 3rd party code

AppDome, the market leader in mobile application protection, announced today that mobile app owners who use AppDome, its dynamic application App Fusion, can consider their mobile app immune to the XcodeGhost attack vector.

A vulnerability aimed at exposing data-at-rest, XcodeGhost infects the iOS compiler and compromises an app before it even makes it to the App Store. This is a significant security issue for financial services companies and other enterprises who own mobile apps, many of which store customers’ personal data and server login information.

App fusing is a process that provides an extra layer of security once a mobile app’s development and testing phases are complete. AppDome’s AppDome provides protection against a wide range of threats, including OS-related issues and use of malicious or privacy- infringing 3rd party SDKs or plugins.

“As with XcodeGhost, app developers use 3rd party code to streamline the development process – which often includes either malicious, vulnerable or privacy-infringing code without their knowledge,” says Avi Yehuda,  Chief Technology Officer, AppDome.

“While secure coding is essential to any mobile app security strategy, it’s clear that companies need a consistent, high-security, tool-based approach that doesn’t impede release cycles or app performance.”

The company’s multi-layered App Fusion solution implements pharming prevention  across all communication channels. As a result, once malicious code is detected, the appropriate preventative action is automatically applied by the App Fuse. In this specific case, it acts to nullify the impact of the XcodeGhost threat.

About AppDome

AppDome provides an essential shield that secures enterprise and consumer-facing apps from advanced cyber threats, mobile fraud and data leakage. Recognized by Gartner as a 2015 Cool Vendor in Mobile Security, AppDome helps organizations find the right balance between security and usability in the mobile threat landscape.

AppDome’s dynamic App Fusion solution is based on the application binary level, which completely eliminates the need for source code modifications and SDK integration during the development life cycle.

The company’s dynamic app protection technology is used by the world’s leading financial, healthcare and eCommerce enterprises to ensure productivity, compliance, and security for consumers and employees.

For more information on mobile App Fusion and threat mitigation, visit


Avita Flit

Have a question?

ask an expert

GilWe're here to help
We'll get back to you in 24 hours to schedule your demo.

Search Appdome Solutions

3f0fcc71 0fcd 4d11 8187 0554f04e965e

How to Comply with the OWASP MASVS Standard

The OWASP MASVS (Mobile Application Security Verification Standard) is a standard that establishes mobile app security requirements for developers to build secure mobile apps and security teams to test mobile apps. On Appdome, brands can easily comply with the OWASP MASVS standard.

Spear Phishing Attacks Blog

AI Has Democratized Spear Phishing Attacks, Now What?

Spear phishing attacks used to be limited to high-profile targets such as CEOs, politicians, and other influential individuals. These attacks required extensive research, preparation, and coordination, making them a…