Thought XcodeGhost malware only affected 40 Chinese iOS apps? You would be wrong, at least according to security researchers FireEye.
The organisation claims that the 39 apps originally detected by Palo Alto Networks at the beginning of the week account for less than one per cent of the total carrying XcodeGhost in the Apple App Store.
"Immediately after learning of XcodeGhost, FireEye Labs identified more than 4,000 infected apps on the App Store," the company said in a blog post. "FireEye has since updated detection rules in its NX and Mobile Threat Prevention (MTP) products to detect the malicious apps and their activity on a network."
However, the company added another note of caution, saying: "It's important to note that, although the CnC servers have been taken down, the malicious apps still try to connect to them using HTTP. This HTTP session is vulnerable to hijacking by other attackers."
Apple is asking developers to verify Xcode to ensure uninfected versions are being used, but Forrester analyst Tyler Shields told IT Pro that while Apple does has many steps in place to stop malware from infiltrating the App Store, "there is no way they will ever stop it all".
"Apple's incentives are to get as many interesting apps as possible into the app store which will result in a lower security bar than many enterprises are willing to accept. It's not that Apple wants malware in the system, just that it's not as important to limit malware as it is to increase revenue from the app store to Apple," said Shields.
"They will continue to improve their detection processes and algorithms but there will always be a need for the enterprise and the consumer to apply security controls that match their specific level of need regardless of what the app store owners do," he concluded.
