'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected version of Xcode began circulating in China, and malware-ridden "XcodeGhost" apps made their way into Apple's App Store and past the ‌App Store‌ review team.

XcodeGhost Featured1
There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially impacted. It's been a long time since the XcodeGhost attack, but Apple's trial with Epic is surfacing new details.

Trial documents highlighted by Motherboard indicate that a total of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.

XcodeGhost was one of the biggest attacks against iPhone users to date due to the number of ‌iPhone‌ users that were impacted. The 128 million impacted users got malware from downloads of more than 2,500 affected apps.

Based on emails shared in the trial, Apple worked to determine the impact of the attack and how to best notify those who downloaded infected apps. "Due to the large number of customers potentially affected, do we want to send an email to all of them?" Apple's ‌App Store‌ vice president Matt Fischer asked.

Apple did ultimately inform users that downloaded XcodeGhost apps, and also published a list of the top 25 most popular apps that were compromised. Apple removed all of the infected apps from the ‌App Store‌, and provided information to developers to help them validate Xcode going forward.

XcodeGhost was a widespread attack, but it was not effective or dangerous. At the time, Apple said that it had no information to suggest that the malware was ever used for any malicious purpose nor that sensitive personal data was stolen, but it did collect app bundle identifiers, network details, and device names and types.

Top Rated Comments

Stromos Avatar
9 months ago
Yes its so convenient to figure out which app store I need to download and install to get an app. Then provide credit card details to any and every developer that I want to purchase something. Then figure out which store I need to open to update an app. Better regularly launch the alternative stores to get updates. Oh a store was compromised which apps on my device came from that store?

No purpose to the end user at all.
Score: 20 Votes (Like | Disagree)
deevey Avatar
9 months ago

how are these companies obtaining these private emails?
The ongoing Epic / Apple.

I'd guess these emails were entered into evidence by Apple as an insight into what they actually do in term of securing the App Store, further justifying the 30% commission.
Score: 8 Votes (Like | Disagree)
ArPe Avatar
9 months ago
If phones turned into multiple App Store flea markets then half the apps installed would be these malware and spyware. Every one of you could have your money stolen or become the next Khashoggi.
Score: 6 Votes (Like | Disagree)
hot-gril Avatar
9 months ago
It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Score: 6 Votes (Like | Disagree)
rjohnstone Avatar
9 months ago

It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Devs are not free to use the platform. They have to pay annually to have the opportunity to be listed. Not all apps get listed. ;)
Score: 6 Votes (Like | Disagree)
Cosmosent Avatar
9 months ago
Another Nugget thanks to the trial !
Score: 6 Votes (Like | Disagree)

Related Stories

fortnite apple featured

Epic Games vs. Apple Trial Begins With Opening Remarks Underway

Monday May 3, 2021 9:05 am PDT by
The first day of the bench trial between Fortnite creator Epic Games and Apple is officially underway, with the companies delivering opening remarks before District Judge Yvonne Gonzalez Rogers in a Northern California courtroom. The saga dates back to August 2020, when Apple removed Fortnite from the App Store after Epic Games introduced a direct payment option in the app for its in-game...
appstore

Phil Schiller on App Store Knockoffs in 2012: 'Is No One Reviewing These Apps?'

Thursday May 6, 2021 1:49 pm PDT by
Knockoff apps have long been a problem in the App Store, with scam apps sneaking past reviewers to compete with genuine apps and steal sales, and back in 2012, Apple's Phil Schiller was absolutely furious when a fake app made it to the top of the App Store rankings, according to documents shared in the Epic v. Apple trial. At the time, Temple Run was a super popular iOS exclusive title, and...
apple app store page

Apple Exec: We Feature Competitors' Apps 'All The Time' on the App Store

Friday May 7, 2021 5:05 am PDT by
On May 3, the Epic Games vs. Apple trial got underway, and every day, new emails between Apple executives and employees continue to be shared by Epic as evidence for its case against Apple. In the latest batch of emails, the vice president of the App Store, Matt Fischer, claims that Apple features apps made by its competitors "all the time" on the store and rejects the sentiment that it...
app store safe secure

Study Finds Up to 2% of Top 1,000 Paid Apps on App Store Were Scams

Monday June 7, 2021 6:33 am PDT by
Apple has used its app review process as a bulwark in recent legal assaults on its App Store policy, and put particular emphasis on the security benefits for iOS users when buying apps. However, an investigation has found that almost 2% of the top 1,000 highest grossing apps on a given day were some sort of scam. According to The Washington Post, which conducted the investigation, scam apps...
timcookantitrust

Tim Cook 'Practicing for Hours' Ahead of Epic Games Testimony Expected This Week

Monday May 17, 2021 4:17 am PDT by
So far, Apple CEO Tim Cook has taken a backseat in defending Apple as it faces a significant legal battle with Epic Games regarding the App Store. While the CEO has commented on the platform in the past, for the first time this week, Tim Cook will take center stage in his company's battle with Epic Games. Apple in March submitted its list of executives that will testify during the trial...
fortnite apple featured

Apple Earned Over $100 Million From Fortnite

Wednesday May 19, 2021 12:02 pm PDT by
Apple collected more than $100 million in revenue from the 30 percent cut that it takes from Fortnite in-app purchases, according to testimony provided by App Store gaming business development head Michael Schmid, who shared the detail in the ongoing Epic v. Apple trial. As noted by Bloomberg, Schmid offered the $100 million figure as a rough estimate, and declined to provide a specific...
apple park drone june 2018 2

Unreleased MacBook Schematics Stolen in $50 Million Ransomware Attack on Apple Supplier

Wednesday April 21, 2021 2:47 am PDT by
As Apple held its "Spring Loaded" event where it unveiled brand new iPad Pros, a redesigned iMac, and the long-awaited release of AirTags, one of its main MacBook suppliers was undergoing a ransomware attack worth $50 million. As reported by Bloomberg, the ransomware group called REvil, publicly declared early on Tuesday that it had accessed the internal computers of Apple supplier Quanta...
app store blue banner

App Store Ecosystem Responsible for Estimated $643 Billion in Billings and Sales in 2020, According to Apple-Commissioned Study

Wednesday June 2, 2021 10:00 am PDT by
The App Store ecosystem facilitated an estimated $643 billion in billings and sales in 2020, an increase of 24 percent year-over-year, according to an Apple-commissioned study done by Analysis Group economists. [PDF] The study, "A Global Perspective on the Apple App Store Ecosystem," comes as Apple awaits a decision in its ongoing trial with Epic Games, much of which focused on App Store...

Popular Stories

safari icon blue banner

Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time [Updated]

Sunday January 16, 2022 3:37 pm PST by
A bug in WebKit's implementation of a JavaScript API called IndexedDB can reveal your recent browsing history and even your identity, according to a blog post shared on Friday by browser fingerprinting service FingerprintJS. In a nutshell, the bug allows any website that uses IndexedDB to access the names of IndexedDB databases generated by other websites during a user's browsing session....
iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
iPad Air Feature 2 green

New Apple Products Filed in Regulatory Database, Likely Including New iPhone SE and iPad Air

Tuesday January 18, 2022 6:11 am PST by
Apple today filed unreleased iPhone and iPad models in the Eurasian Economic Commission database, as spotted by French blog Consomac. The filings likely represent the rumored third-generation iPhone SE, fifth-generation iPad Air, and potentially more. The unreleased iPhone models have the identifiers A2595, A2783, and A2784, while the unreleased iPad models have the identifiers A2588, A2589, ...
AirPods 3 New Firmware Feature

Apple Updates AirPods 3 Firmware to Version 4C170

Tuesday January 18, 2022 11:46 am PST by
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December. Apple does not offer details on what's included in new firmware updates for the AirPods‌, so we don't know what improvements or bug fixes the new firmware brings. There is no standard way to upgrade the ‌AirPods‌‌ software, but firmware is...
iphone 5g mmwave

U.S. Airlines Warn of 'Catastrophic' Crisis With Impending 5G Rollout, AT&T and Verizon Agree to Delay Around Airports

Tuesday January 18, 2022 10:35 am PST by
Verizon and AT&T's upcoming rollout of new C-Band 5G technology could cause chaos and lead to widespread delays of passenger and cargo flights, major U.S. airlines said on Monday in a letter sent to the White House National Economic Council, the FAA, and the FCC (via Reuters). "Unless our major hubs are cleared to fly, the vast majority of the traveling and shipping public will essentially...
iphone se 2020 top

iPhone SE With Larger 5.7-Inch Display May Launch in 2023, 'iPhone SE+ 5G' Also Rumored

Monday January 17, 2022 6:46 am PST by
Apple is planning to release a fourth-generation iPhone SE with a larger 5.7-inch display as early as 2023, according to display industry consultant Ross Young, who has proven to be a reliable source of information for future Apple products. The fourth-generation iPhone SE has until now been rumored to launch in 2024, but Young now says a 2023 release is looking more likely....
tesla carplay solution

Developer Showcases Apple CarPlay Workaround for Teslas

Monday January 17, 2022 7:24 am PST by
A Tesla Model 3 owner has resorted to a workaround to implement Apple CarPlay in his vehicle, amid no sign of official support from Tesla (via Tesla North). Apple CarPlay and Apple Music support are among the most-requested Tesla features, but with no indication that Tesla is willing to implement Apple CarPlay in its vehicles, Polish developer Michał Gapiński took matters into his own...
ipad air 4 video

New iPad Air Rumored to Launch This Spring With A15 Chip, 5G, Center Stage Camera, and More

Saturday January 15, 2022 8:05 pm PST by
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara. Citing reliables sources in China, the report claims that the new iPad Air could be...