'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

by

Back in 2015, a malware-infected version of Xcode began circulating in China, and malware-ridden "XcodeGhost" apps made their way into Apple's App Store and past the ‌App Store‌ review team.

XcodeGhost Featured1
There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially impacted. It's been a long time since the XcodeGhost attack, but Apple's trial with Epic is surfacing new details.

Trial documents highlighted by Motherboard indicate that a total of 128 million users downloaded apps with the XcodeGhost malware, including 18 million users in the United States.

XcodeGhost was one of the biggest attacks against iPhone users to date due to the number of ‌iPhone‌ users that were impacted. The 128 million impacted users got malware from downloads of more than 2,500 affected apps.

Based on emails shared in the trial, Apple worked to determine the impact of the attack and how to best notify those who downloaded infected apps. "Due to the large number of customers potentially affected, do we want to send an email to all of them?" Apple's ‌App Store‌ vice president Matt Fischer asked.

Apple did ultimately inform users that downloaded XcodeGhost apps, and also published a list of the top 25 most popular apps that were compromised. Apple removed all of the infected apps from the ‌App Store‌, and provided information to developers to help them validate Xcode going forward.

XcodeGhost was a widespread attack, but it was not effective or dangerous. At the time, Apple said that it had no information to suggest that the malware was ever used for any malicious purpose nor that sensitive personal data was stolen, but it did collect app bundle identifiers, network details, and device names and types.

Tag: Epic Games vs. Apple Guide

Popular Stories

iOS 18 Siri Personal Context

Report Reveals Internal Chaos Behind Apple's Siri Failure

Thursday April 10, 2025 7:15 am PDT by
A new report from The Information today reveals much of the internal turmoil behind Apple Intelligence's revamped version of Siri. Apple apparently weighed up multiple options for the backend of Apple Intelligence. One initial idea was to build both small and large language models, dubbed "Mini Mouse" and "Mighty Mouse," to run locally on iPhones and in the cloud, respectively. Siri's...
Read Full Article341 comments
M6 MacBook Pro Feature 1

Waiting for the Perfect MacBook Pro? 2026 Might Be the Year

Thursday April 10, 2025 4:19 am PDT by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small...
Read Full Article112 comments
Alleged iOS 19 Icons Front Page Tech

iOS 19 Leak Reveals Alleged New Design With Rounder App Icons, Floating Tab Bar, and More

Monday April 7, 2025 3:13 pm PDT by
YouTube channel Front Page Tech is back today with another video that provides a closer look at iOS 19's alleged design changes. The video contains re-created renders of iOS 19, which are allegedly based on real footage of the software update, provided by sources within Apple. Overall, iOS 19 is expected to have a more glass-like, visionOS-inspired design, with added translucency for user...
Read Full Article243 comments
Apple Northbrook

Apple Store in Chicago Area Permanently Closing Later This Month

Wednesday April 9, 2025 9:56 am PDT by
Apple will be permanently closing its store at the Northbrook Court shopping mall in the Chicago suburb of Northbrook on April 26, the company has announced. Apple has added the following notice to the store's web page:Thank you Northbook. Apple Northbrook is closing on April 26 at 7pm. We're still here for you. Please visit apple.com/retail to find your nearest store.Apple Northbrook opened ...
Read Full Article35 comments
Apple 2025 Thumb 1

10 Products Still Coming From Apple in 2025

Friday April 11, 2025 4:14 pm PDT by
Apple may have updated several iPads and Macs late last year and early this year, but there are still multiple new devices that we're looking forward to seeing in 2025. Most will come in September or October, but there could be a few surprises before then. We've rounded up a list of everything that we're still waiting to see from Apple in 2025. iPhone 17, 17 Air, and 17 Pro - We get...
Read Full Article46 comments
iOS 18

iOS 18.4.1 Update Coming Soon for iPhones

Wednesday April 9, 2025 8:56 am PDT by
Apple employees are testing iOS 18.4.1 for iPhones, according to the MacRumors visitor logs, which have been a reliable indicator of upcoming iOS versions. The software update will likely be released in a week or two, if not sooner. As the version number implies, iOS 18.4.1 will obviously be a minor update that addresses software bugs and/or security vulnerabilities. There are no...
Read Full Article21 comments
iOS 18

iOS 18.5 Includes Two Changes So Far

Wednesday April 9, 2025 9:09 am PDT by
Apple released the first beta of iOS 18.5 last week, and so far the software update includes only two minor changes. The changes are in the Mail and Settings apps. In the Mail app, you can now easily turn off contact photos directly within the app, by tapping on the circle with three dots in the top-right corner. In the Settings app, there is some new AppleCare+ information. For ...
Read Full Article
iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

iPhone 17 Pro's New Rear Camera Bar 'Same Color As Rest of Device'

Monday April 7, 2025 2:09 am PDT by
Apple's upcoming iPhone 17 Pro models will feature a redesigned rear camera panel that spans the width of the device, but it will be the same color as the iPhone itself, rather than being part of a two-tone design. That's according to Bloomberg's Mark Gurman. Writing in his latest Power On newsletter, the reporter says the iPhone 17 Pro won't have a two-toned back, as some renders have...
Read Full Article66 comments
iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

5 Biggest Changes Rumored for iPhone 17 Pro

Tuesday April 8, 2025 2:38 am PDT by
Later this year, Apple will introduce the iPhone 17 series, which includes the iPhone 17 Pro and the iPhone 17 Pro Max, two new high-end flagship devices that will be sold alongside the regular iPhone 17 and an all-new ultra-thin iPhone 17 Air. If you have been holding out for the iPhone 17 Pro or its bigger sibling, here are five of the biggest changes, informed by the latest reports and...
Read Full Article83 comments

Top Rated Comments

Stromos Avatar
Stromos
51 months ago
Yes its so convenient to figure out which app store I need to download and install to get an app. Then provide credit card details to any and every developer that I want to purchase something. Then figure out which store I need to open to update an app. Better regularly launch the alternative stores to get updates. Oh a store was compromised which apps on my device came from that store?

No purpose to the end user at all.
Score: 20 Votes (Like | Disagree)
deevey Avatar
deevey
51 months ago

how are these companies obtaining these private emails?
The ongoing Epic / Apple.

I'd guess these emails were entered into evidence by Apple as an insight into what they actually do in term of securing the App Store, further justifying the 30% commission.
Score: 8 Votes (Like | Disagree)
ArPe Avatar
ArPe
51 months ago
If phones turned into multiple App Store flea markets then half the apps installed would be these malware and spyware. Every one of you could have your money stolen or become the next Khashoggi.
Score: 6 Votes (Like | Disagree)
hot-gril Avatar
hot-gril
51 months ago
It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Score: 6 Votes (Like | Disagree)
rjohnstone Avatar
rjohnstone
51 months ago

It's silly that Apple has to even justify the 30% commission they charge on their own platform that devs and users are free to use or not use, esp when nobody else justifies the same, but these emails are interesting to read.
Devs are not free to use the platform. They have to pay annually to have the opportunity to be listed. Not all apps get listed. ;)
Score: 6 Votes (Like | Disagree)
Cosmosent Avatar
Cosmosent
51 months ago
Another Nugget thanks to the trial !
Score: 6 Votes (Like | Disagree)
Read All Comments