Apple's App Store XcodeGhost outbreak more widespread than first thought

By Shawn Knight
Sep 24, 2015
Post New Reply
  1. Apple’s App Store recently found itself at the center of a malicious app outbreak. Initial reports indicated that nearly 40 apps were infected with malware dubbed XcodeGhost. As it turns out, that was an extremely conservative figure.

    A subsequent scan from security firm Appthority uncovered 476 affected apps, or roughly 12 times as many as first reported. FireEye, a competing security firm, has identified more than 4,000 infected apps on the App Store.

    The silver lining here is that XcodeGhost’s classification of malicious malware appears to be a bit of a stretch as Appthority believes adware may be the more appropriate classification.

    Appthority was able to track the start of the infection back to April 2015 although it didn’t really pick up momentum until this month.

    The firm notes that it would have been easy to add more harmful behaviors to the code and that might play out in the future but for whatever reason, the author of the version of XcodeGhost that Appthority analyzed chose not to do so.

    XCodeGhost came to light last week when security researchers at Palo Alto Networks discovered a modified version of Apple’s iOS software development environment, Xcode.

    Apple addressed the issue earlier this week, pointing out that they’ve removed infected apps from the App Store and driving home the importance of downloading Xcode directly from a trusted source. The company also reminded developers that they can easily verify the integrity of their copy of Xcode.

    Thumbnail courtesy PhotoAtelier, Flickr

    Permalink to story.

  2. Blasphemy,Apple Inc does not get Malware.
  3. davislane1

    davislane1 TS Evangelist Posts: 3,372   +2,164

    FireEye, a competing security firm, has identified more than 4,000 infected apps mentally challenged developers on the App Store.

    Fixed that for you. As BMfan said, Apple products don't get malware. Only stupid users get malware.

    Also, given BMW's recent implication in the German emissions cheating scandal, I suspect the individual posting under "BMfan" may be of dubious character and should probably not be trusted.

    That is all.
  4. They had to do something,the Californians screwed up their air so much the whole world must now pay for it.
    Last edited by a moderator: Sep 25, 2015

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...