Apple’s App Store recently found itself at the center of a malicious app outbreak. Initial reports indicated that nearly 40 apps were infected with malware dubbed XcodeGhost. As it turns out, that was an extremely conservative figure.
A subsequent scan from security firm Appthority uncovered 476 affected apps, or roughly 12 times as many as first reported. FireEye, a competing security firm, has identified more than 4,000 infected apps on the App Store.
The silver lining here is that classifying XcodeGhost as malicious malware appears to be a bit of a stretch; Appthority believes adware may be the more appropriate classification.
Appthority was able to track the start of the infection back to April 2015, although it didn’t really pick up momentum until this month.
The firm notes that it would have been easy to add more harmful behaviors to the code, and that might play out in the future, but for whatever reason the author of the version of XcodeGhost that Appthority analyzed chose not to do so.
XcodeGhost came to light last week when security researchers at Palo Alto Networks discovered a modified version of Apple’s iOS software development environment, Xcode.
Apple addressed the issue earlier this week, pointing out that they’ve removed infected apps from the App Store and driving home the importance of downloading Xcode directly from a trusted source. The company also reminded developers that they can easily verify the integrity of their copy of Xcode.