- More than 128 million iOS users were allegedly affected by the “XcodeGhost” malware.
- “XcodeGhost” malware which first surfaced in 2015 — responsible for injecting malware into several iPhone and iPad apps.
- 2,500 infected apps have been downloaded more than 203 million times in the App Store.
- Apple has reinforced the security of the Xcode installation process when submitting apps to the App Store.
XcodeGhost (and variant XcodeGhost S) are modified versions of Apple’s Xcode development environment that are considered malware. The software first gained widespread attention in September 2015. Back then, a number of apps originating from China harbored malicious code. It was thought to be the “first large-scale attack on Apple’s App Store”.
The problems were first identified by researchers at Alibaba, a leading e-commerce firm in China. Over 4000 apps are infected, according to FireEye. Far more than the 25 initially acknowledged by Apple, including apps from authors outside China, are affected.
More than 128 million iOS users were affected by the malware:
In San Francisco, more than 128 million iOS users were allegedly affected by the “XcodeGhost” malware. The malware first surfaced in 2015 and is responsible for injecting malware into several iPhone and iPad apps. Internal Apple emails have revealed during the Epic Games vs Apple trial that 128 million consumers had downloaded more than 2,500 apps infected by the malware that came from the fake copy of Xcode.
In total, these 2,500 infected apps have been downloaded more than 203 million times in the App Store, reports Motherboard. An employer mentioned that “China represents 55 percent of customers and 66 percent of downloads,” also referring to the “XcodeGhost” malware.
About 18 million affected users were based in the US:
Several developers downloaded the infected Xcode because Apple’s servers were slow, so they looked for alternative download links. As the legal battle between Apple and Epic Games began in the US this week, new details emerged, also revealing that Epic Games CEO Tim Sweeney asked Apple CEO Tim Cook to open its iPhones to other app stores as early as 2015.
While Epic Games argues about Apple’s monopoly over the app market and treats a 30 percent standard fee amount to anti-competitive behavior that must be regulated by antitrust law, Apple contends that “the whole antitrust allegation and associated dust-kicking is little more than a PR stunt”.
The Fortnite game was removed from the App Store in August last year after the company allegedly violated rules by adding an in-game payment system aimed at depriving Apple of its commission on in-app purchases from the App Store.