'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents - MacRumors
Skip to Content

'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

by

Back in 2015, a malware-infected version of Xcode began circulating in China, and malware-ridden "XcodeGhost" apps made their way into Apple's App Store and past the ‌App Store‌ review team.

XcodeGhost Featured1
There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially impacted. It's been a long time since the XcodeGhost attack, but Apple's trial with Epic is surfacing new details.

Trial documents highlighted by Motherboard indicate that a total of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.

XcodeGhost was one of the biggest attacks against iPhone users to date due to the number of iPhone users that were impacted. The 128 million impacted users got malware from downloads of more than 2,500 affected apps.

Based on emails shared in the trial, Apple worked to determine the impact of the attack and how to best notify those who downloaded infected apps. "Due to the large number of customers potentially affected, do we want to send an email to all of them?" Apple's ‌App Store‌ vice president Matt Fischer asked.

Apple did ultimately inform users that downloaded XcodeGhost apps, and also published a list of the top 25 most popular apps that were compromised. Apple removed all of the infected apps from the ‌App Store‌, and provided information to developers to help them validate Xcode going forward.

XcodeGhost was a widespread attack, but it was not effective or dangerous. At the time, Apple said that it had no information to suggest that the malware was ever used for any malicious purpose nor that sensitive personal data was stolen, but it did collect app bundle identifiers, network details, and device names and types.

Tag: Epic Games vs. Apple Guide

Popular Stories

app store blue banner epic 1

Apple Asks Supreme Court to Pause Epic Games Case Ahead of App Store Fee Ruling

Monday May 4, 2026 4:08 pm PDT by
Apple today filed an emergency application with the Supreme Court, asking for a stay on App Store fee calculations while it waits to hear whether the Supreme Court will weigh in on the latest developments in its legal battle with Epic Games. Apple argues that without a stay, it will face irreparable harm. Apple says it will have to litigate the fundamentals of its business model with the...
Read Full Article124 comments
fortnite apple featured

Fortnite Returns to the App Store Worldwide as Epic Signals 'Final Battle' With Apple

Tuesday May 19, 2026 6:08 am PDT by
Fortnite is back on the App Store in every country except Australia, Epic Games announced today, as the company declared it is entering the "final battle" of its long-running legal dispute with Apple. Epic said the decision to push Fortnite back onto iOS globally was prompted by Apple's own words to the U.S. Supreme Court, in which Apple acknowledged that "regulators around the world are...
Read Full Article130 comments
app store blue banner epic 1

Apple Asks Supreme Court to Review App Store Contempt Ruling

Thursday May 21, 2026 2:58 pm PDT by
Apple today formally asked the U.S. Supreme Court to review the series of rulings that led to changes to App Store linking rules and fees in the United States. In 2021, Apple largely won its legal dispute with Epic Games, but Judge Yvonne Gonzalez Rogers ordered Apple to relax its anti-steering rules and let developers link to alternate payment options in apps. Apple complied, but charged a...
Read Full Article82 comments

Top Rated Comments

S
Stromos
66 months ago
Yes its so convenient to figure out which app store I need to download and install to get an app. Then provide credit card details to any and every developer that I want to purchase something. Then figure out which store I need to open to update an app. Better regularly launch the alternative stores to get updates. Oh a store was compromised which apps on my device came from that store?

No purpose to the end user at all.
Score: 20 Votes (Like | Disagree)
D
deevey
66 months ago

how are these companies obtaining these private emails?
The ongoing Epic / Apple.

I'd guess these emails were entered into evidence by Apple as an insight into what they actually do in term of securing the App Store, further justifying the 30% commission.
Score: 8 Votes (Like | Disagree)
rjohnstone Avatar
rjohnstone
66 months ago

It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Devs are not free to use the platform. They have to pay annually to have the opportunity to be listed. Not all apps get listed. ;)
Score: 6 Votes (Like | Disagree)
hot-gril Avatar
hot-gril
66 months ago
It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Score: 6 Votes (Like | Disagree)
ArPe Avatar
ArPe
66 months ago
If phones turned into multiple App Store flea markets then half the apps installed would be these malware and spyware. Every one of you could have your money stolen or become the next Khashoggi.
Score: 6 Votes (Like | Disagree)
C
Cosmosent
66 months ago
Another Nugget thanks to the trial !
Score: 6 Votes (Like | Disagree)
Read All Comments