A modified copy of Xcode appeared on the web in 2015 responsible for injecting malware into some iPhone and iPad apps, which were then uploaded to the App Store.
Thanks to the lawsuit between Epic Games and Apple, internal Apple email content has revealed that more than 128 million iOS users have been affected by malware called XcodeGhost.
This information was confirmed by the iTunes Customer Experience Manager at the time, Dale Bagwell, on Motherboard in an email that 128 million consumers downloaded more than 2,500 apps infected with malware that came from fake copies. Xcode’s appearance. In total, these 2,500 infected apps were downloaded more than 203 million times in the App Store. Another Apple recruiter mentioned that “China represents 55% of customers and 66% of downloads”, also referring to the malware “XcodeGhost”. According to multiple internal Apple emails, about 18 million affected users are based in the US. Notably, Apple has had many internal discussions about how to send warnings to affected developers and users because the number of customers potentially exposed to malicious code is quite high. Even so, App Store VP Matt Fischer notes that this will pose some challenges in terms of localization of the email’s language, since downloading these apps takes place in the App Store. all over the world. As a result, Apple failed to send warnings to users and developers. 
Even popular apps like WeChat and Angry Birds 2, designed for the Chinese market, are on the affected list, the report said. As soon as the malware was identified, Apple asked developers to immediately recompile their apps with a genuine version of Xcode. Lookout explains that “developers are drawn to downloading this fake version of Xcode because it will download much faster in China than the official version of Xcode from Apple’s Mac App Store.” Following this incident, Apple increased the security of Xcode installation and malware scanning when submitting apps to the App Store. In testimony from one of the heads of the App Store at the trial of the lawsuit between Epic and Apple, this person said the iOS app review process is part of Apple’s charge for the App Store.
You must log in to post a comment.