Skip to content

Apple-Epic trial reveals 128M people installed malware via App Store in 2015

  • by
  • 3 min read

As part of the ongoing trial between Apple and Epic Games, a series of emails produced by Apple has revealed the true scale of the XcodeGhost malware attack iPhone users faced in 2015, indicating that 128 million users were impacted by the hack, with 18 million in the US.

In 2015, some unknown hackers snuck malware into an estimated 4000 apps on the Apple App Store. This hack, known as XcodeGhost, affected around 4000 apps and was believed to have the potential to impact hundreds of millions of users as per researchers. 

The hack went down as one of the biggest in Apple’s history, but its real impact was never revealed. However, as reported by Vice, in the course of the ongoing trial involving Epic Games and Apple over Fortnite’s in-app purchase policy, emails presented from Apple seem to paint a clearer picture of the impact.

In the News: Twitter’s Tip Jar will allow users to send and receive tips

What was XcodeGhost’s actual impact?

The emails coming from Dale Bagwell who was Manager of iTunes customer experience reveal that around 128 million iPhone users were impacted, with 18 million coming from the US alone from 2500 apps that were downloaded over 203 million times.

Not only do the emails show the vast impact of the hack, but they also show that Apple was squabbling to deal with it, and notifying the impacted users. 

Another Apple employee stated in the emails that about 55% of the customers and 66% of the downloads on the impacted apps came from China, including WeChat and DiDi Taxi. 

What was Apple’s response?

It’s clear from the emails that Apple was facing a challenge with language localisation and identifying the impacted apps for each victim. According to Matt Fischer, Apple’s VP for the App Store was a huge challenge since the apps were downloaded across a global scale, notifying each user in their own local language and with the exact apps that had harmed them. Bagwell also agreed to this.

Back in 2015, Apple stated that it would notify the impacted users by mail. However, the true impact or scale of the hack wasn’t revealed. 

The only worrying thing about the hack was the sheer number of people impacted as the malware itself was not very sophisticated or, for that matter, dangerous.

“We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used. We’re not aware of personally identifiable customer data being impacted, and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords,” Apple said in an online post in 2015, which has since been taken down.

In the News: Google will launch a privacy section for Android app listings in Q1 2022


Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: