FireEye: Many Companies Still Running XcodeGhost-Infected Apple Apps (csoonline.com) 23
itwbennett writes: In September, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, dubbed XcodeGhost. On Tuesday, FireEye said in a blog post that it has detected 210 enterprises that are still using infected apps, showing that the XcodeGhost malware 'is a persistent security risk.' In addition, whomever created XcodeGhost has also developed a new version that can target iOS 9, called XcodeGhost S, FireEye wrote.
More vectors than just Xcode (Score:5, Insightful)
Something for iOS developers to be aware of is they need to be careful of using binary only third party libraries which might also have been compiled with Xcode Ghost [possiblemobile.com].
Thought thankfully Apple rejects app submissions that use them...
Re: (Score:2)
The problem is that this article (or at least TFS) is talking about enterprise customers, who have likely deployed an MDM solution and gone through the process to be able to side-load apps onto their enrolled devices bypassing the App Store. So you've got incompetent developers that are using hacked versions of Xcode (or, pre-hacked libraries, as you postulate), combined with bypassing the checkpoint that keeps most of Apple's users free of this crap.
Re: (Score:2)
And with that greater freedom comes the freedom to do really stupid things like install warez and then act all surprised when it turns out to be a trojan of some kind.
Re: (Score:2)
Please show me how I'm restricted from installing anything I want on my Mac.
Go ahead, we'll wait.
In case you missed it, this article is about people running hacked versions of Xcode on OS X, and iPhone and iPad are only involved distantly as the platform that people are writing code for in Xcode... on their Mac.
Re: (Score:1)
Nobody credible has ever claimed that trojans don't exist for MacOS apps. The only people who say this, are people like you, saying how that's wrong.
Re: (Score:1)
No it was the disingenuous claims that are made to confuse users like: "Macs dont get PC viruses" and the old "Built-in defences in OS X keep you safe from unknowingly downloading malicious software on your Mac.".
The latter was of course removed from their website around the time of the Flashback trojan.
Are you less likely to get a virus on a Mac than a Windows system? Of course. Are you even less likely to get one on a Linux system? Yes. So why not just be honest rather than trying to twist the truth like
Re: (Score:2)
Yeah, it's totally Apple's fault that these asshats downloaded a hacked version Apple's Xcode IDE from a website not hosted by Apple.
Re: (Score:2)
"whomever created XcodeGhost has also..." (Score:4, Insightful)
Did him really?
Cripes, Dice, spring for an editor.
Most of the apps that they claim are infested.. (Score:2, Troll)
Are apps I've never heard of and likely would never use.
Re: Most of the apps that they claim are infested. (Score:1, Insightful)
Apparently, though, since they're reported here to be out in the wild, somebody found them useful, or at least worth installing.
Damage Control! Roll out the fud (but go soft on the fear, we've got iPhones to sell)
Re: (Score:2)
And the reason why this article is specific to talking about enterprise, is because those businesses are doing two things that the average user won't be:
1. Downloading a hacked version of Xcode from a non-Apple website, and using it to develop applications, which then get trojaned by the crap version of Xcode
2. Sideloading these applications by way of their developer agreement / MDM solution, bypassing the App Store and it's approval / curation.
Re: (Score:2)