Telset.id, Jakarta – Do you still remember the XcodeGhost malware that affected hundreds of iOS users in 2015? Recently, a new fact has emerged that will surprise all iOS users around the world.
Reported Telset from Motherboard, Sunday (9/5/2021), an email published as part of Epic Games’ conflict with Apple revealed facts related to the XcodeGhost malware.
In the email, it was stated that at least 128 million iOS users have been affected by the XcodeGhost malware that attacked in 2015.
It is believed, 128 million iOS users have downloaded more than 2,500 applications that have been infected with malware originating from fake Xcode copies. In total, the 2,500 infected apps have been downloaded more than 203 million times on the App Store.
“128 million subscribers have downloaded more than 2,500 affected applications,” explained Manager of iTunes Customer Experience named Dale Bagwell, writing in one of the emails.
{Also read: XcodeSpy malware targets Apple developers, disguised as Xcode}
Another Apple employee mentioned that 55% of Chinese users have been affected and account for about 66% of total downloads. According to more internal Apple e-mails, around 18 million US iOS users are also affected by the XcodeGhost malware.
Apple Seeks To Know iOS Users
The email also revealed that Apple was trying hard to find out the impact of the hack. The company from Cupertino also tried to notify the victims, but was constrained by language, considering how many were affected.
“Since so many customers could potentially be affected, would we like to send an email to all of them?” said Matt Fischer, VP of the App Store.
“Note that this will pose some challenges in terms of localization of the email language, as the download of this application takes place in various App Store storefronts around the world,” he continued.
Fischer’s explanation was also agreed by Bagwell. According to him, reaching all iOS users who are victims of the XcodeGhost malware is a challenge in itself.
If Apple had to notify victims via email, it wanted Apple to accurately enter the name of the app for each iOS user. Of course it will take time to be able to send information about XcodeGhost to 128 million iOS users.
Not only is it constrained in the local language of each user, the shipping process is the next obstacle that Apple has to face.
{Also read: How to Get Rid of Malware on Android Phones, Most Effective!}
“We have a tool that allows us to send email. However, we are still testing to ensure that we can accurately enter the application name for each customer, ”said Bagwell.
“Also, I want to make it clear that this tool is very limited in the number of emails it can handle. With 128 million users affected, we may have to spend up to a week sending this message, “he continued.
XcodeGhost malware steals user data
The XcodeGhost malware that affects hundreds of millions of iOS users is designed to steal some personal information, such as the infected app name, App Bundle identifier, device name and type, and network information.
Quoted from 9to5MacThe spread of this malware started when some developers downloaded the infected Xcode on an alternative site. This is because Apple’s servers are slowing down and hindering the application development process.
{Also read: 7 Most Destructive and Deadly Malware Attacks}
In fact, several popular applications such as Angry Birds 2 were affected by this malware. When Apple found out, the company asked developers to immediately recompile their app with the original version of Xcode.
Following this incident, Apple has strengthened the security of the Xcode installation process and malware scanning when developers submit applications to the App Store. (MF)
–
