128M iOS users were affected by 2015 XcodeGhost malware

Posted in General Discussion, edited May 2021
A total of 128 million iOS users downloaded apps that were affected by the XcodeGhost malware in 2015, according to emails revealed during the Epic Games v. Apple trial.

Credit: AppleInsider


The XcodeGhost malware was inserted into otherwise legitimate applications to mine user data in a coordinated campaign in 2015. Although the malware was quickly stopped, details about the full impact of the attack remained murky.

However, emails published as part of the Epic v. Apple trial have finally given us a clearer picture of the scope of the hack. In total, 128 million users downloaded the more than 2,500 tainted applications. About 18 million of those users were in the U.S., according to Vice, which first spotted the emails.

In addition to revealing the magnitude of the hack, the emails also detail how Apple scrambled to work out how serious it was and notify victims.

"Due to the large number of customers potentially affected, do we want to send an email to all of them?" said Matt Fischer, vice president of the App Store. "Note that this will pose some challenges in terms of language localizations of the email, since the downloads of these apps took place in a wide variety of App Store storefronts around the world."

Dale Bagwell, Apple's iTunes customer experience manager at the time, agreed that a mass notification would be challenging.

"Just want to set expectations correctly here. We have a mass-request tool that will allow us to send the emails, however we are still testing to make sure that we can accurately include the names of the apps for each customer," Bagwell wrote.

Bagwell also brought up some of the limitations of the tool, including the fact that sending a mass batch of emails to 128 million people could take up to a week.

Although the malware was widespread on the App Store, it wasn't particularly sophisticated or dangerous. At the time, Apple said it didn't have any information to suggest it was used to do anything malicious or harvest personally identifiable information.

The incident led Apple to acquire SourceDNA, a startup specializing in malware detection.

Comments

  • Reply 1 of 11
    lkrupp Posts: 10,557 member
    "Although the malware was widespread on the App Store, it wasn't particularly sophisticated or dangerous. At the time, Apple said it didn't have any information to suggest it was used to do anything malicious or harvest personally identifiable information.”

    So what’s the big deal? 
  • Reply 2 of 11
    EsquireCats Posts: 1,268 member
    Yep let’s definitely remove even more barriers to publishing software on these devices which carry all of our personal information, banking access, private messages/photos/etc. /s

    It’s like we don’t already have a preview of this with Cydia on jail-broken iPhones: Malware packaged with all manner of titles, especially free games which lures in naive users and kids.
    Also keep in mind that the smartphone platforms are constantly the target from blackhats to intelligence agencies: the idea of opening the gates to 3rd party stores out of Apple’s control is plainly stupid. 
  • Reply 3 of 11
    applguy Posts: 235 member
    I really don’t understand the path Epic is going down. Apple bought a security company because bad developers added possibly malicious code. So unlike Epic’s in app virtual currency V-bucks, Apple has to continue to develop the App Store ecosystem to keep it functioning. 
  • Reply 4 of 11
    Xed Posts: 2,519 member
    lkrupp said:
    "Although the malware was widespread on the App Store, it wasn't particularly sophisticated or dangerous. At the time, Apple said it didn't have any information to suggest it was used to do anything malicious or harvest personally identifiable information.”

    So what’s the big deal? 
    So if you woke up one morning to discover that someone uninvited was in your home without your permission you'd be fine with that so long as they didn't steal anything or hurt anyone?

    Personally, I'm thankful that this malware—and this is malware—wasn't particularly dangerous to users so that iOS and the App Store could be hardened so that more nefarious uses of this malware could be stopped before it was created.
  • Reply 5 of 11
    MplsP Posts: 3,911 member
    Seems like this is a great example of how the app store adds value - a malicious app is discovered and Apple can deactivate it, improving the security for everyone. 
  • Reply 6 of 11
    Beats Posts: 3,073 member
    This is why Apple needs control. This is why Apple argues it should contrast o the software gate. 
  • Reply 7 of 11
    chasm Posts: 3,275 member
    “So what’s the big deal?”

    Um, the big deal is that a path to insert much more dangerous malware was discovered. Man am I ever glad some people will never work for Apple.
  • Reply 8 of 11
    genovelle Posts: 1,480 member
    Yep let’s definitely remove even more barriers to publishing software on these devices which carry all of our personal information, banking access, private messages/photos/etc. /s

    It’s like we don’t already have a preview of this with Cydia on jail-broken iPhones: Malware packaged with all manner of titles, especially free games which lures in naive users and kids.
    Also keep in mind that the smartphone platforms are constantly the target from blackhats to intelligence agencies: the idea of opening the gates to 3rd party stores out of Apple’s control is plainly stupid. 
    STUPID Stupid on a whole new level!!!
  • Reply 9 of 11
    lkrupp Posts: 10,557 member
    genovelle said:
    Yep let’s definitely remove even more barriers to publishing software on these devices which carry all of our personal information, banking access, private messages/photos/etc. /s

    It’s like we don’t already have a preview of this with Cydia on jail-broken iPhones: Malware packaged with all manner of titles, especially free games which lures in naive users and kids.
    Also keep in mind that the smartphone platforms are constantly the target from blackhats to intelligence agencies: the idea of opening the gates to 3rd party stores out of Apple’s control is plainly stupid. 
    STUPID Stupid on a whole new level!!!
    Looks like we have a naive jail breaker upset by valid criticism of their naïveté.  
  • Reply 10 of 11
    Spencer314 Posts: 34 member
    MplsP said:
    Seems like this is a great example of how the app store adds value - a malicious app is discovered and Apple can deactivate it, improving the security for everyone. 
    Exactly. 

    A court ordered opening of the App Store to multiple vendors (or simply allowing phones to download apps from anywhere) destroys a significant aspect of the iOS ecosystem, which is that one company owns making sure it is properly moderated and that moderation failures can be remediated quickly. 

    It is true that MacOS allows users to run anything, and that Apple has a means to certify Mac apps that are distributed outside of the Mac App Store, but the scale of Mac applications is tiny in comparison to what iOS has to deal with and Apple's analysis of certified apps is relatively minimal. Every time I download an app from somewhere on a Mac, I kind of need to do enough google searching to make sure I am downloading a trustworthy app from a trustworthy source. 

    But, Apple does need to change its App stores. It needs to rid the App Store of copycat apps, it needs to allow third-party app stores which curate items on the App Stores with some revenue sharing. It actually needs to reduce its fees from 30% to 25% and for higher-volume apps down to 15% or 10%. 

    The App Store is annoyingly anti-competitive and the App Store itself suffers from not being pushed by genuine competition. It just isn't clear how competition can be introduced while keeping it safe. Epic just seems to be trying to blow it up, converting it into the Wild West of 1990s Windows. That wouldn't end well. 
  • Reply 11 of 11
    jdw Posts: 1,324 member
    Reading all these news stories about Epic vs. Apple makes me muse about the company name. Isn't anyone amazed that the most common use for the English word "epic" is in the phrase "Epic Fail"?