Did Apple choose to keep mum about the XcodeGhost malware attack affecting 128Mn iPhone users?

The malware, codenamed XcodeGhost, was inserted into legitimate apps through rogue versions of Xcode downloaded from third-party websites.

Apple entered the courtroom of the U.S. District Court for the Northern District of California on May 3, 2021, for a showdown against Epic Games Inc. However, what unraveled took everyone by surprise.

Epic Games vs Apple

Epic Games founder Tim Sweeney, who previously challenged Apple’s 30% revenue cut that applies to each purchase made on the App Store, filed another lawsuit against Apple in August 2020. The gaming giant has specifically challenged Apple’s restrictions that prevent apps from offering in-app purchasing methods other than the one offered by the App Store. However, due to the pandemic, the suit went to trial just a week back.

The trial made public an email chain exchanged among Apple’s top brass on September 21, 2015, which hints that potentially 128 million iPhone users downloaded 2500+ malicious apps over 203 million times. Although the conversations in the emails suggest that Apple executives were trying to find ways of informing end users, these notifications never reached them. However, a few weeks later, stories of XcodeGhost apps haunting the App Store surfaced, which confirms that the conversation was about this exact malware.

The XcodeGhost Malware

Xcode is Apple’s integrated development environment (IDE) for macOS. It is used to develop software and apps for macOS, iOS, iPadOS, watchOS, and tvOS, and gives developers a unified workflow for user interface design, coding, testing, and debugging. But in 2015, malicious code – dubbed XcodeGhost – was being inserted into legitimate apps through counterfeit versions of Xcode downloaded from third-party websites. The malicious code of the XcodeGhost malware worked as a botnet that collected critical user information from its victims’ devices.

Apple Faced Logistical Issues for Sending Notifications

Matthew Fischer, the App Store VP, wrote in one of the emails, “Due to the large number of customers potentially affected, do we want to send an email to all of them?” Apple was facing logistical issues in sending out emails to all the affected users.

Problem 1: Sending huge volumes of notification mail

Dale Bagwell, who was then in charge of customer experience at Apple, said,

“We have a mass-request tool that will allow us to send the emails, however, we are still testing to make sure that we can accurately include the names of the apps of each customer. There have been issues with this specific functionality in the past.

Also – I want to be clear that the tool is limited in the number of emails it can handle. With a batch this big (128Mn) we would likely have to spend up to a week sending these messages.”

Problem 2: Language localization

Language localization was another roadblock that Apple faced while deciding to send notifications to worldwide customers. In response to Bagwell’s email, Fischer discussed this issue with his marketing and PR officials. He said,

“This will pose some challenges in terms of language localizations of the email since the downloads of these apps took place in a wide variety of App Store storefronts around the world (e.g. we wouldn’t want to send an English-language email to a customer who downloaded one or more of these apps from the Brazil App Store, where Brazilian Portuguese would be the more appropriate language).”

Even after the executives discussed the problems and viable solutions, the notification email was never sent to the end users. However, a now-deleted post, which gives a rough idea of the XcodeGhost malware infesting several App Store apps, has surfaced on archive channels. It does not mention the exact number of apps affected but vaguely provides a list of “top 25 impacted apps,” which included WeChat, Angry Birds 2, Baidu Music, and many more. In the post, Apple suggested that its users update the listed apps immediately to fix the issue on their respective devices.

But what happens in “one of the most important legal battles in the history of video games,” only time and the U.S. District Court’s judgment will tell.
