Emails published as part of the Epic Games v. Apple trial have revealed that back in 2015, 128 million iOS users installed 2,500+ apps infected with the XcodeGhost malware. The malware was placed inside apps that appeared to be legitimate, and at the time it was believed to be the largest hack against iPhone users based on the number of people affected. Of the 128 million users impacted, 18 million were from the U.S.
The malware was supposed to be able to grab personal information from victims, including the name of the infected app, the name and type of the device, network information and more. On its FAQ site, Apple wrote, “we’re not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords,” and that the “malicious code could only have been able to deliver some general information such as the apps and general system information.”
Other emails indicated that Apple was trying to figure out the importance of the hack and how it would tell the victims about it. Matt Fischer, Apple’s vice president for the App Store, wondered whether Apple wanted to send an email to all of its customers affected by the hack. Fischer wrote, “Note that this will pose some challenges in terms of language localizations of the email, since the downloads of these apps took place in a wide variety of App Store storefronts around the world.”
Security firm Lookout said at the time that “XcodeGhost’s creators repackaged Xcode installers with the malicious code and published links to the installer on many popular forums for iOS/OS X developers.” Lookout explained that “Developers were enticed into downloading this tampered version of Xcode because it would download much faster in China than the official version of Xcode from Apple’s Mac App Store.”
Apps that contained the XcodeGhost malware included popular titles at the time such as WeChat and the Chinese version of Angry Birds 2. While the malware did impact a large number of users, it was not considered sophisticated or dangerous.