Still lying and trying to hijack the thread into an ad hominem attack on me, bolobaby. Give it a rest. The 99.9% figure came from an initial report from one of the security firms investigating the infection, not Apple.
That 99.9 percent is still about the correct figure. 99.9% of 4000 is approximately 4-5 apps. The vast majority of the infected apps were made for the Chinese market. They've identified four or five of those Chinese Apps that have been translated into other languages and gone international . . . but even some of those named apps turn out to be the Chinese language or other versions that have not yet been sent over seas. Some of the named apps just share names because they were ported into Chinese by sub-contractors for the App publishers who used the spurious XcodeGhost version of Apple's Xcode.
The C2 domain is one of CHINA's main domains.
Some apps are also available from the App Store in other countries. For example, CamCard, developed by a Chinese company, is the most popular business card reader and scanner in many countries (including the US) around the world. (Update Sept. 21: Weve verified that, while CamCard v6.5.1 in Chinese App Store was infected by XcodeGhost, the older version of CamCard, v5.5.2 found in the U.S. App Store, is not infected.).WeChat is the most popular IM app not only in China but also in many countries or regions in Asia Pacific. Version 6.2.5 of WeChat is what we have verified to be infected. Tencent has updated to 6.2.6, which removed the malicious code.
Palo Alto Networks is cooperating with Apple on the issue and we also suggest all iOS developers be aware and take necessary actions.
It may be 1% of the 4000 or so have gone international that are infected, which would be on the close order of 40-50, but even those are unlikely to be in the US, and more likely in the Asian area. Apple is removing all infected apps from all stores wherever they are located.
Many of the publishers of the English and other language versions of the listed apps have made statements that their apps are not infected, explaining that only the subcontractors in China who made the conversions to the Chinese language versions of their Apps used the XcodeGhost which infected their apps.
The lady doth protest too much, methinks.
Talked to a friend in another state and they started blacklisting all of China's networks based on the list at http://www.ipdeny.com.
I think you're going to see more and more of this. She told me the amount of Inbound scanning and other attack methods dropped by almost 50% once they implemented the blacklist for all PRC IP space.