‘XCodeGhost’ Malware in 2015 Affected 128 Million iPhone Users

BY Rajesh Pandey

Published 8 May 2021

iPhone App Store

In 2015, an XCode malware called ‘XCodeGhost’ was found in over 2,500+ iOS apps. The malware affected many popular apps like WeChat, WinZip, etc. The malware made it through Apple’s App Store review and into millions of iPhones out there.

It was never clear how many iPhones the malware had managed to infect. As part of its ongoing Apple vs. Epic trial, emails released by Apple reveal that 128 million users had downloaded apps infested with the XCodeGhost malware. Out of this, at least 18 million iPhone users were in the US.

“In total, 128M customers have downloaded the 2500+ apps that were affected LTD. Those customers drove 203M downloads of the 2500+ affected apps LTD,” said Apple’s Dale Bagwell, in one of the emails.

iPhone users in China were the worst affected by the malware. They accounted for 55% of the 128 million users affected by the hack and 66% of the downloads.

The team at Apple was unclear if they should reach out to iPhone users across the world affected by the hack. The company had to reach a large number of users across the world, which would have taken it over a week to do so. Ultimately, that’s what Apple did, though it is unclear if it reached out to every single affected user. Apple also removed all affected apps from the App Store until developers got around to compiling their app from a signed and verified version of Xcode.

When the hack was first discovered, Apple said it was not aware of “personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords.”

[Via Vice]