XcodeGhost still haunting ‘dozens’ of Apple mobile apps
Dozens of U.S. enterprises are still using Apple mobile apps seeded with malware for a clever hacking scheme revealed last month known as XcodeGhost.
The computer security firm FireEye said it detected that 210 enterprises that are still using infected apps, showing that the XcodeGhost malware "is a persistent security risk," according to computerworld.com. Last month, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, an application development tool from Apple. The malicious version, dubbed XcodeGhost, adds hidden code to apps, which can collect identifying information about a device or even open URLs.
In October Apple issued a statement in response to the XcodeGhost, saying that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software," Apple said in a statement. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
Apple has posted instructions for making sure your version of Xcode is validated. You can find them at http://tinyurl.com/qelbgtk.
It was recently reported that the Apple App Store has suffered from what is being described as the first large-scale attack on the mobile software outlet. The hackers took aim at popular Chinese apps by convincing developers of legitimate software to use a tainted, counterfeit version of source code known as XcodeGhost, notes Seeking Alpha (www.seekingalpha.com). According to cyber security firm Palo Alto Networks (paloaltonetworks.com), "hundreds of millions" of users are at risk of having their personal data exposed due to the malware.