Despite swift Apple action, XcodeGhost threat lingers

We first heard of the XcodeGhost malware back in September as reports identified hundreds of iOS apps built with unauthorized copies of Apple’s Xcode IDE that managed to introduce some sneaky, unwanted code. Infected apps had the potential to seriously compromise system security, so Apple was understandably quick to remove offenders from the App Store. Now, over a month later, is XcodeGhost finally something Apple can put behind it? Maybe not, warn security researchers, as signs of XcodeGhost infections persist, and new iOS-9-optimized variants are uncovered.

While Apple might have worked to pull down infected apps, not all users have been so quick to make sure XcodeGhost-compromised apps aren’t still living on their phones. Though the original XcodeGhost control servers are down, devices from hundreds of businesses, schools, and other institutions around the globe are still trying to connect (signs of an infected iPhone), and a new malicious actor could emerge at any time to take advantage of them.

More than that, it looks like Apple failed to remove all infected apps from the App Store, and an updated version known as XcodeGhost S goes out of its way to hide its identity. Luckily, even that’s being detected now, but the way it was initially missed is enough to suggest that it may be some time before the whole XcodeGhost fiasco is over.

Source: FireEye
Via: 9to5 Mac

Discuss This Post

Read More

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bits Read more about Stephen Schenck!