128 million iPhone users revealed that they had malware-laden apps installed



Trials between Apple and Epic Games have begun, and testimony by third parties reveals a variety of new facts about the gaming industry and Apple. It was revealed that 128 million iPhone users had installed apps containing malware from the App Store.

The Fortnite Trial Is Exposing Details About the Biggest iPhone Hack on Record
https://www.vice.com/en/article/n7bbmz/the-fortnite-trial-is-exposing-details-about-the-biggest-iphone-hack-of-all-time

Apple brass discussed disclosing 128-million iPhone hack, then decided not to | Ars Technica
https://arstechnica.com/gadgets/2021/05/apple-brass-discussed-disclosing-128-million-iphone-hack-then-decided-not-to/

In 2015, it was reported that a large number of iOS apps infected with the malware 'XCode Ghost' that extracts personal information were distributed on the App Store. XCodeGhost is a malware that invades an application developed with Xcode by tampering with Xcode, an iOS application development environment provided by Apple. Illegal distribution of pirated Xcode etc. has been replaced by XCode Ghost, and it turns out that the application developed using this was sending multiple data including personal information to a specific server. ..

This is an app that has been found to have been distributed on the App Store after being infected with the malware 'Xcode Ghost' that extracts personal information.


by Ciro Urdaneta

At the time XCodeGhost was reported, some security researchers complained that 'about 4000 apps were infected with XCodeGhost,' which could have affected hundreds of millions of users around the world. It was mentioned. However, it was not clear how many users were actually affected by XCode Ghost.

However, an email published during a trial of Apple and Epic Games reveals that the number of iPhone users affected by XCode Ghost was 128 million worldwide and 18 million in the United States alone. I have.



In an internal email exchange, Dale Bagwell, Apple's iTunes Customer Experience Manager at the time, said, 'A total of 128 million customers downloaded more than 2,500 XCode Ghost-influenced apps. These customers have downloaded XCode Ghost-affected apps more than 203 million times in total. '

Yet another Apple employee said, '55% of Chinese customers download XCode Ghost-affected apps, and 66% of XCode Ghost-affected apps are Chinese customers. It's also clear that a significant number (18 million) of customers in the United States were affected by XCode Ghost, 'says the email, with more than half of users downloading apps infected with XCode Ghost. He revealed that he is a Chinese user.



In addition, from the email exchange, it is also clear that Apple was initially considering notifying all users of the existence of XCode Ghost. However, no notification was actually sent to the user, and it is unknown whether the notification was sent to the victim.

Instead of the notification, Apple had a dedicated FAQ page , but it was already closed at the time of writing the article. In addition, on this FAQ page, it was stated that 'Although the number of users affected by XCode Ghost is large, it was not really a sophisticated attack and it was not dangerous.'

in Mobile,   Software,   Security, Posted by logu_ii