'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Back in 2015, a malware-infected version of Xcode began circulating in China, and malware-ridden "XcodeGhost" apps made their way into Apple's App Store and past the ‌App Store‌ review team.

XcodeGhost Featured1
There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially impacted. It's been a long time since the XcodeGhost attack, but Apple's trial with Epic is surfacing new details.

Trial documents highlighted by Motherboard indicate that a total of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.

XcodeGhost was one of the biggest attacks against iPhone users to date due to the number of ‌iPhone‌ users that were impacted. The 128 million impacted users got malware from downloads of more than 2,500 affected apps.

Based on emails shared in the trial, Apple worked to determine the impact of the attack and how to best notify those who downloaded infected apps. "Due to the large number of customers potentially affected, do we want to send an email to all of them?" Apple's ‌App Store‌ vice president Matt Fischer asked.

Apple did ultimately inform users that downloaded XcodeGhost apps, and also published a list of the top 25 most popular apps that were compromised. Apple removed all of the infected apps from the ‌App Store‌, and provided information to developers to help them validate Xcode going forward.

XcodeGhost was a widespread attack, but it was not effective or dangerous. At the time, Apple said that it had no information to suggest that the malware was ever used for any malicious purpose nor that sensitive personal data was stolen, but it did collect app bundle identifiers, network details, and device names and types.

Top Rated Comments

Stromos Avatar
40 months ago
Yes its so convenient to figure out which app store I need to download and install to get an app. Then provide credit card details to any and every developer that I want to purchase something. Then figure out which store I need to open to update an app. Better regularly launch the alternative stores to get updates. Oh a store was compromised which apps on my device came from that store?

No purpose to the end user at all.
Score: 20 Votes (Like | Disagree)
deevey Avatar
40 months ago

how are these companies obtaining these private emails?
The ongoing Epic / Apple.

I'd guess these emails were entered into evidence by Apple as an insight into what they actually do in term of securing the App Store, further justifying the 30% commission.
Score: 8 Votes (Like | Disagree)
ArPe Avatar
40 months ago
If phones turned into multiple App Store flea markets then half the apps installed would be these malware and spyware. Every one of you could have your money stolen or become the next Khashoggi.
Score: 6 Votes (Like | Disagree)
hot-gril Avatar
40 months ago
It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Score: 6 Votes (Like | Disagree)
rjohnstone Avatar
40 months ago

It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Devs are not free to use the platform. They have to pay annually to have the opportunity to be listed. Not all apps get listed. ;)
Score: 6 Votes (Like | Disagree)
Cosmosent Avatar
40 months ago
Another Nugget thanks to the trial !
Score: 6 Votes (Like | Disagree)

Popular Stories

General Apps Messages

iMessage Down for Some Users [Update: Service Restored]

Thursday May 16, 2024 3:00 pm PDT by
The iMessage service that Apple users to send messages to one another appears to be down for some users, and messages are failing to go out or are taking an extra long time to send. There are numerous reports about the issue on social networks and a spike of outage reports on Down Detector, but Apple's System Status page is not yet reporting an outage. Update: Apple's status page says...
iOS 17

Troubling iOS 17.5 Bug Reportedly Resurfacing Old Deleted Photos

Wednesday May 15, 2024 5:29 am PDT by
There are concerning reports on Reddit that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries. After updating their iPhone, one user said they were shocked to find old NSFW photos that they deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud. Other...
iphone 15 pro max vs iphone 16 pro max

iPhone 16 Pro Max Looks This Much Bigger Beside iPhone 15 Pro Max

Thursday May 16, 2024 4:51 am PDT by
This year's upcoming iPhone 16 Pro Max is expected to get a boost in overall size from 6.7-inches to 6.9-inches, and a new image gives us a good idea of how the current iPhone 15 Pro Max compares to what could be Apple's largest ever iPhone. The image above, posted on X by ZONEofTECH, shows a dummy model representing the ‌iPhone 16 Pro‌ Max alongside an actual iPhone 15 Pro Max. Dummy...
iOS 17

iOS 17.5 Bug May Also Resurface Deleted Photos on Wiped, Sold Devices

Friday May 17, 2024 12:24 pm PDT by
A bug in iOS 17.5 is apparently causing photos that have been deleted to reappear, and the issue seems to impact even iPhones and iPads that have been erased and sold off to other people. A Reddit user wiped an iPad following Apple's guidelines in September of 2023 before selling it off to a friend. That friend updated the iPad to iPadOS 17.5 this week, and began seeing the Reddit user's old ...
oled m4 ipad pro grainy display reports

OLED iPad Pro Users Report 'Grainy' Displays, But It May Not Be a Defect

Friday May 17, 2024 5:57 am PDT by
Some new M4 iPad Pro models are exhibiting a visible static grain pattern across the OLED display, according to several user reports on Reddit (1, 2, 3) and the MacRumors Forums. Image credit: MacRumors user bk215 Users who see the grain generally report that it is most noticeable in dark environments with the display set at a low to medium brightness while viewing content with gray or muted...
Delta Hands On Feature

iPhone Emulators on the App Store: Game Boy, N64, PS1, PSP, and More

Thursday May 16, 2024 12:45 pm PDT by
In April, Apple updated its guidelines to allow retro game emulators on the App Store, and several popular emulators have already been released. The emulators released so far allow iPhone users to play games released for older consoles from Nintendo, Sony, SEGA, Atari, and others. A list of some popular emulators available on the App Store so far follows. Released Delta Delta is...