The recent lawsuit between Epic Games and Apple has revealed a number of details about a 2015 App Store hack in which malware was loaded into thousands of iPhone apps. The malware impacted about 128 million iPhone users.
Motherboard reports that in 2015, hackers managed to infect thousands of apps on the iPhone App Store with malware in whats believed to be the largest iPhone hack to date. The hack had the potential to impact hundreds of millions of people, given that it affected approximately 4,000 apps according to researcher estimates.
The full scale of the was unknown to the public for years, with many believing that the impact of the hack — known as XCodeGhost — would never full by revealed. But due to the ongoing legal battle between Apple and Epic Games, it has finally been revealed how many iPhone users were impacted by the hack — 128 million in total, of which 18 million were in the United States.
Dale Bagwell, who managed Appel’s iTunes customer experience at the time of the hack, wrote in one email: “In total, 128M customers have downloaded the 2500+ apps that were affected LTD. Those customers drove 203M downloads of the 2500+ affected apps LTD.”
Another Apple employee wrote in emails that: “China represents 55% of customers and 66% of downloads. As you can see, a significant number (18M customers) are affected in the US.” The emails also show that Apple was working quickly at the time to figure out the impact of the hack and notify victims.
Matt Fischer, Apple’s vice president for the App Store, wrote: “Due to the large number of customers potentially affected, do we want to send an email to all of them? Note that this will pose some challenges in terms of language localizations of the email, since the downloads of these apps took place in a wide variety of App Store storefronts around the world.”
Bagwell agreed that contacting all Apple users affected by the issue would b a challenge, stating: “Just want to set expectations correctly here. We have a mass-request tool that will allow us to send the emails, however we are still testing to make sure that we can accurately include the names of the apps for each customer. There have been issues with this specific functionality in the past. Also – I want to be clear that the tool is very limited in the number of emails it can handle. With a batch this big (128M) we would likely have to spend up to a week sending these messages, so after localizing the emails (which will take several days) we’ll need at least a week for the send – if we are using the mass-request tool.”
Read more at Motherboard here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address email@example.com