According to reports, nearly 128 million iOS users downloaded apps containing the XcodeGhost malware but Apple did not inform victims about the attack.
In March 2021, Hackread.com reported the supply-check attack in which XcodeSpy malware was used to target developers using Xcode integrated development environment, and a similar malware was used back in 2015. It was codenamed XcodeGhost, and it allowed attackers to insert malicious code in legitimate apps using rogue versions of Xcode downloaded from third-party websites.
It must be noted that Xcode is Apple’s app development tool. Back then, it was reported that Apple stopped the attack quickly.
However, according to a new report, emails presented during the Epic Games vs. Apple court proceedings have revealed startling new details on that particular attack. It turns out that nearly 128 million iOS users downloaded the apps containing the XcodeGhost malware. Reportedly, Apple kept this malware attack a secret and didn’t share the impact’s full details.
An Epic Spillover
Both the companies are fighting a battle in the court after Apple removed Battle Royale game Fortnite from its App Store in August 2020 after Epic implemented an in-app payment system to bypass Apple’s 30% fee for in-app purchases.
Ars Technica, who initially reported on the case findings, stated that Epic has revealed a series of emails revealing Apple management chose not to inform the 128 million affected iPhone users about the biggest ever mass compromise of the iOS ecosystem.
The hack came to light in 2 ..
Support the originator by clicking the read the rest link below.
