‘XcodeGhost’ Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected version of Xcode started flowing in China, and malware-ridden “XcodeGhost” apps made their method into Apples App Store and past the App Store review team.
There were more than 50 recognized contaminated iOS apps at the time, including significant apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially affected. Its been a long period of time given that the XcodeGhost attack, but Apples trial with Epic is surfacing new information.
Trial documents highlighted by Motherboard suggest that an overall of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.
XcodeGhost was among the biggest attacks against iPhone users to date due to the variety of iPhone users that were impacted. The 128 million impacted users got malware from downloads of more than 2,500 impacted apps.
Based upon e-mails shared in the trial, Apple worked to figure out the effect of the attack and how to best notify those who downloaded infected apps. “Due to the big number of consumers possibly affected, do we wish to send an email to all of them?” Apples App Store vice president Matt Fischer asked.
Apple did ultimately notify users that downloaded XcodeGhost apps, and also published a list of the leading 25 most popular apps that were jeopardized. Apple eliminated all of the contaminated apps from the App Store, and offered info to designers to assist them verify Xcode moving forward.
XcodeGhost was a widespread attack, however it was unsafe or not reliable. At the time, Apple said that it had no information to suggest that the malware was ever utilized for any malicious purpose nor that delicate personal information was stolen, however it did gather app package identifiers, network information, and gadget names and types.