From InfoWorld: Dozens of U.S. enterprises are still using Apple mobile apps seeded with malware for a clever hacking scheme revealed last month known as XcodeGhost.
The computer security firm FireEye said Tuesday it has detected that 210 enterprises that are still using infected apps, showing that the XcodeGhost malware "is a persistent security risk," according to a blog post.
Last month, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, which is an application development tool from Apple.
The malicious version, dubbed XcodeGhost, adds hidden code to apps, which can collect identifying information about a device or even open URLs.
It was speculated that some application developers, mostly based in China, might have downloaded the rogue version of Xcode due to problems in getting it directly from Apple. Baidu's cloud file-sharing service at one time hosted the modified Xcode, but it was later removed, according to Palo Alto Networks.
View: Article @ Source Site
