‘XcodeGhost’ Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected version of Xcode started circulating in China, and malware-ridden “XcodeGhost” apps made their method into Apples App Store and past the App Store evaluation team.
There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with as much as 500 million iOS users possibly impacted. Its been a very long time because the XcodeGhost attack, but Apples trial with Epic is appearing brand-new details.
Trial files highlighted by Motherboard indicate that an overall of 128 million users downloaded apps with the XcodeGhost malware, consisting of 18 million users in the United States.
XcodeGhost was among the biggest attacks versus iPhone users to date due to the number of iPhone users that were affected. The 128 million affected users got malware from downloads of more than 2,500 affected apps.
Based on e-mails shared in the trial, Apple worked to identify the impact of the attack and how to best notify those who downloaded contaminated apps. “Due to the a great deal of clients potentially affected, do we desire to send an e-mail to all of them?” Apples App Store vice president Matt Fischer asked.
Apple did ultimately notify users that downloaded XcodeGhost apps, and likewise published a list of the leading 25 most popular apps that were jeopardized. Apple removed all of the infected apps from the App Store, and provided information to designers to assist them confirm Xcode going forward.
XcodeGhost was a widespread attack, however it was not reliable or hazardous. At the time, Apple said that it had no details to suggest that the malware was ever used for any destructive function nor that sensitive personal data was stolen, however it did gather app package identifiers, network information, and device names and types.