XcodeGhost Malware Infected 128 Million iOS Devices

During an antitrust lawsuit between Epic Games and Apple, documents were made public revealing that the XcodeGhost malware, discovered in 2015, had attacked more than 128 million iOS users in total.

To recap, last year the game developer filed a lawsuit against Apple after Apple removed Fortnite from the App Store, allegedly for violating the terms of their agreement.

Information about XcodeGhost was found in emails that have now become public. In these emails, Apple employees discuss the XcodeGhost incident and possible steps the company should take.

XcodeGhost malware was first detected in 2015, when it was discovered that hackers had tampered with the Xcode developer tool, releasing their own version called XcodeGhost. As a result, all apps created with XcodeGhost were unsafe for users. It was soon revealed that there were more than 4,000 such apps.

At the time, Apple removed the malicious apps from the App Store and published instructions for developers to help them verify the legitimacy of their Xcode version.

It has now come to light that when Apple identified more than 2,500 malicious apps, they had already been downloaded from the App Store over 203 million times. According to the company’s estimates, about 128 million users worldwide were affected. More than half of the victims were in China, but Apple also identified 18 million affected users in the United States.

In the released correspondence, Apple employees discuss whether to directly notify all 128 million people about the issue, and it appears that Apple ultimately decided not to do so. Apple representatives told SecurityWeek that they constantly inform their users about such problems and provide all necessary information, but the company did not specify whether affected users were directly notified about XcodeGhost.