In the recent malware developments, more than 128 million iOS users were reportedly impacted in a cyberattack by the XcodeGhost malware that was injected into numerous malicious applications.
In what appears to be a big-scale XcodeGhost malware deployment using malicious applications, it was revealed that during the Epic Games vs Apple trial that there were 2,500 malware-ridden apps were downloaded which contained fake copies of Xcode.
Apple’s legal battle with Epic:
The news comes at a time when the lawful conflict between Apple and Epic Games began in the US this week.
The lawsuit was a result of the Fortnite game being removed from the App Store in August last year after the company allegedly violated rules by adding an in-game payment system aimed at depriving Apple of its commission on in-app purchases from the App Store.
Also read,
Malicious XcodeGhost malware:
To the unaware, the XcodeGhost malware is the modified version of Apple’s Xcode development environment that is considered malware. The software first gained widespread attention in September 2015, when a number of apps originating from China harbored the malicious code.
In total, these 2,500 infected apps have been downloaded more than 203 million times in the App Store, reports Motherboard.
Certain XcodeGhost malware download statistics also provide that 55% of these customers and 66% of these downloads are a Chinese contribution.
Of the 128 million iOS users impacted, 18 million victims come from the U.S. alone.
Several developers downloaded the infected Xcode because Apple’s servers were slow, so they looked for alternative download links, noted the reports.
Widely popular apps like Angry Birds 2 were also among the list of affected applications.
Apple’s countermeasures:
From Apple’s perspective, soon after the XcodeGhost malware was spotted by the tech giant, they notified the developers to promptly recompile their apps with the authentic version of the Xcode.
Subsequently, Apple has also enhanced the security measures of both, the Xcode installation process as the malware scanning process when apps are enrolled within the App Store.