According to Wired, this is the biggest attack ever aimed at iOS, with more than 128 million iPhones affected, but Apple is less.
In September 2015, Apple executives fell into a dilemma: “Should 128 million iPhone users be notified of the biggest iOS breach in history?” In the end, they chose to remain silent.
The first mass attack on Apple’s mobile platform came to light when researchers discovered 40 malicious apps that existed on the App Store. Apple was silent about the biggest attack on the iOS platform. Photo: Getty Images. When the scope of the investigation was expanded, this number was eventually determined to be 4,000. They contain malicious code that makes iPhone and iPad part of the botnet. Simply put, the iPhone infected with malicious code becomes the iPhone “zombie”, manipulated for many malicious purposes. Malware infiltrated 128 million iPhones This shocking information has just been revealed by Epic’s lawyers, a few days before the trial of the antitrust lawsuit between the game maker and Apple. Accordingly, on the afternoon of September 21, 2015, about a week after Apple launched iPhone 6s / 6s Plus, Apple leaders discovered 2,500 malicious applications on the App Store, which were downloaded by 128 million users, total plus 203 million visitors, of which 18 million users in the US. Thousands of malware appeared on 128 million iPhones. Photo: Bankinfosecurity. “Joz, Tom and Christine – the number of affected customers is very large, should we email all of them?”, Apple’s Senior Vice President of Global Marketing, Greg Joswiak team members by email. “If so, Dale Bagwell from the Customer Experience team will take care of it. It should be noted that it is difficult to translate emails into the local language, as the application is downloaded in many different countries around the world. About 10 hours later, Bagwell joined the discussion on this matter. Obviously localizing the content, especially the exact name of the application, is not easy. Finally, no emails are sent to the client. Apple quietly posted a simple Q&A document, which generally lists the series of malicious codes appearing on the App Store and the 25 most downloaded names of these. Currently the post has also been deleted. Malware impersonates Apple’s development tools The biggest attack in iOS history came from developers writing apps using fake Xcode – Apple’s iOS and OS X software development tools. The version called XcodeGhost stealthily inserted malicious code alongside the normal functions of the application. Since then, the infected applications cause the victim’s iPhone to be controlled and controlled by the server, and provide a lot of information about the device, including name, identification code, network information, details in ” IDfierForVendor ”… XcodeGhost has embedded the malicious code in popular applications. Photo: Hackread. In China, XcodeGhost promises to load faster than the Xcode toolkit provided by Apple. When developers use the fake version, they receive a warning from Gatekeeper, the macOS security feature requires the app to be verified by a reputable publisher. Eventually, however, thousands of apps developed from the fake toolkit still appeared on the App Store. Disappointing behavior of Apple According to the Wired The Cupertino giant has long made security and privacy a top priority on its devices. Therefore, they need to report directly to the users affected by this serious incident. Google has a bad reputation for being silent when users download malicious apps on Android or the Chrome browser, now it’s Apple’s turn. This is not the first malware scandal on the App Store that eventually falls silent. From 2013, page ArsTechnica found that the application “Jekyll” passed an Apple rating but ultimately contained malicious code. The leaders of Apple have forwarded back and forth, discussing a lot about the method of controlling and approving applications on the App Store. However, all are kept internally confidential without public notice to affected users. IOS 15 build with many new features The new iOS build integrates quite a few features that users have been waiting for.
You must log in to post a comment.