‘XcodeGhost’ Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected variation of Xcode started circulating in China, and malware-ridden “XcodeGhost” apps made their way into Apples App Store and past the App Store evaluation group.
There were more than 50 known contaminated iOS apps at the time, consisting of major apps like WeChat, NetEase, and Didi Taxi, with approximately 500 million iOS users possibly affected. Its been a very long time because the XcodeGhost attack, but Apples trial with Epic is surfacing new details.
Trial files highlighted by Motherboard suggest that a total of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.
XcodeGhost was among the biggest attacks against iPhone users to date due to the number of iPhone users that were affected. The 128 million affected users got malware from downloads of more than 2,500 affected apps.
Based on e-mails shared in the trial, Apple worked to determine the impact of the attack and how to best inform those who downloaded infected apps. “Due to the big number of consumers possibly impacted, do we wish to send out an email to all of them?” Apples App Store vice president Matt Fischer asked.
Apple did ultimately inform users that downloaded XcodeGhost apps, and likewise published a list of the leading 25 most popular apps that were jeopardized. Apple eliminated all of the infected apps from the App Store, and provided information to designers to help them confirm Xcode going forward.
XcodeGhost was a widespread attack, but it was ineffective or unsafe. At the time, Apple stated that it had no details to suggest that the malware was ever utilized for any malicious function nor that delicate individual information was stolen, but it did gather app package identifiers, network information, and gadget names and types.

Leave a Reply

Your email address will not be published. Required fields are marked *