‘XcodeGhost’ Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected variation of Xcode began distributing in China, and malware-ridden “XcodeGhost” apps made their way into Apples App Store and past the App Store evaluation team.
There were more than 50 recognized contaminated iOS apps at the time, consisting of major apps like WeChat, NetEase, and Didi Taxi, with as much as 500 million iOS users potentially affected. Its been a long period of time given that the XcodeGhost attack, but Apples trial with Epic is surfacing new details.
Trial documents highlighted by Motherboard indicate that an overall of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.
XcodeGhost was among the greatest attacks versus iPhone users to date due to the number of iPhone users that were affected. The 128 million impacted users got malware from downloads of more than 2,500 affected apps.
Based upon e-mails shared in the trial, Apple worked to determine the effect of the attack and how to best notify those who downloaded contaminated apps. “Due to the a great deal of clients possibly impacted, do we want to send an email to all of them?” Apples App Store vice president Matt Fischer asked.
Apple did eventually inform users that downloaded XcodeGhost apps, and also released a list of the leading 25 most popular apps that were compromised. Apple eliminated all of the infected apps from the App Store, and provided information to designers to help them validate Xcode going forward.
XcodeGhost was an extensive attack, however it was unsafe or not reliable. At the time, Apple stated that it had no information to recommend that the malware was ever utilized for any harmful function nor that sensitive personal data was taken, but it did collect app package identifiers, network details, and device names and types.

Leave a Reply

Your email address will not be published. Required fields are marked *