XcodeGhost infected app count soars to 4,000
More apps infected by App Store malware than originally thought


Thought XcodeGhost malware only affected 40 Chinese iOS apps? You would be wrong, at least according to security researchers FireEye.
The organisation claims that the 39 apps originally detected by Palo Alto Networks at the beginning of the week account for less than one per cent of the total carrying XcodeGhost in the Apple App Store.
"Immediately after learning of XcodeGhost, FireEye Labs identified more than 4,000 infected apps on the App Store," the company said in a blog post. "FireEye has since updated detection rules in its NX and Mobile Threat Prevention (MTP) products to detect the malicious apps and their activity on a network."
However, the company added another note of caution, saying: "It's important to note that, although the CnC servers have been taken down, the malicious apps still try to connect to them using HTTP. This HTTP session is vulnerable to hijacking by other attackers."
Apple is asking developers to verify Xcode to ensure uninfected versions are being used, but Forrester analyst Tyler Shields told IT Pro that while Apple does have many steps in place to stop malware from infiltrating the App Store, "there is no way they will ever stop it all".
"Apple's incentives are to get as many interesting apps as possible into the app store which will result in a lower security bar than many enterprises are willing to accept. It's not that Apple wants malware in the system, just that it's not as important to limit malware as it is to increase revenue from the app store to Apple," said Shields.
"They will continue to improve their detection processes and algorithms but there will always be a need for the enterprise and the consumer to apply security controls that match their specific level of need regardless of what the app store owners do," he concluded.

Jane McCallion is Managing Editor of ITPro and ChannelPro, specializing in data centers, enterprise IT infrastructure, and cybersecurity. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.