Biggest iPhone Hack Ever: ‘Fortnite’ Trial Exposes Emails Detailing the ‘XCodeGhost’ Malware

Biggest iPhone Hack Ever: ‘Fortnite’ Trial Exposes Emails Detailing the ‘XCodeGhost’ Malware


The Epic vs. Apple trial is bringing us down memory lane, as it exposed emails revealing the true extent of, what turns out, the biggest iPhone hack ever. In case it slipped people’s memory, in 2015, hackers successfully crept in a potentially dangerous ‘XCodeGhost’ malware to thousands of iPhone and iPad apps. 

Apple, during that time, has been privy to the details of the attack. To add, the company, on their part, said that they notified hundreds of millions of victims. Researchers also estimate that about 4,000 apps are infected. 

(Photo : Sean Gallup/Getty Images)
BERLIN, GERMANY – MARCH 25: A member of the Bundestag wears protective gloves as she uses an iPhone during debates at the Bundestag prior to the likely passing of a massive federal financial aid package to shore Germany up against the effects of the coronavirus on March 25, 2020 in Berlin, Germany. The Bundestag is expected to pass the package worth over EUR 150 billion later today.

The said attack, in terms of affected users, is the largest hack that iPhones and iPads ever had. And we’re only knowing it now. Thanks to the ‘Fornite’ Trial for publishing Apple executive’s emails. 

In exact numbers, the emails also revealed that the duped iPhone users are 128 million globally, and 18 million of them were from the United States. 

Dale Bagwell, Apple manager of iTunes customer experience back then, wrote in an email that: “In total, 128M customers have downloaded the 2500+ apps that were affected LTD.”

It is to note that the particular figures of the apps injected with the malware were not revealed in the emails. We’re forced to settle to the 2500+ estimation of Bagwell. These apps were downloaded a whopping 203 million times in Apple’s App Store. 

Email also revealed that the Apple employees are grappling to inform the victims of the malware. 

Matt Fisher, then Apple vice president for the App Store, wrote: “Due to the large number of customers potentially affected, do we want to send an email to all of them?”

“Just want to set expectations correctly here. We have a mass-request tool that will allow us to send the emails, however, we are still testing to make sure that we can accurately include the names of the apps for each customer,” Fisher said. “There have been issues with this specific functionality in the past.”

Furthermore, the email also revealed that most of the affected users are from China at 55%. To add, 66% of the downloads are from the Asian country too. 

Read Also: Apple Mac Malware Warning: ‘An Unusual Infection’ on Xcode Projects Compromises 380 IP Addresses

What does Xcode Malware do? 

In hindsight: the XcodeGhost malware infiltrated iPhone and iPad apps into deceiving mostly Chinese developers of a compromised version of Xcode, Tech Times reported in 2015. 

Moreover, the pseudo-Xcode could potentially steal the user’s data. Particularly, passwords from Apple’s iCloud service and the user’s clipboard. But Apple, Vice reported, said: “the code did not have the ability to request customer credentials to gain iCloud and other service passwords.”

Additionally, Chinese developers downloaded the compromised Xcode because the authentic one of Apple is significantly slower to download. 

Apps Affected by ‘Xcode Malware’

If you’re wondering which apps you used in 2015 were part of the attack, here are a few of the most popular apps: WeChat, CamScanner Pro, and the Chinese version of, the then sought-after, Angry Birds 2. 

The full list is here. 

XCode and CIA

The XCodeGhost was used by the CIA to break into Apple devices, some Snowden documents mentioned. The products were the iPhone, iPad, and Macs. 

Related Article: iOS App Tracking Transparency: Nearly All Users Are Opting Out of Ad Tracking, Ongoing Study Claims

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2021 All rights reserved. Do not reproduce without permission.