You may not remember, but a modified copy of Xcode that surfaced on the web in 2015 was responsible for injecting malware into several iPhone and iPad apps that were subsequently uploaded to the App Store. Now, thanks to the Epic vs. Apple trial, internal Apple emails have revealed that more than 128 million iOS users were affected by the “XcodeGhost” malware.

As noted by a Motherboard report, Dale Bagwell confirmed in an email that 128 million consumers had downloaded more than 2,500 apps infected by the malware that came from the fake copy of Xcode. In total, these 2,500 infected apps have been downloaded more than 203 million times in the App Store.

Bagwell was the iTunes Customer Experience Manager at the time. Another Apple employer mentioned that “China represents 55% of customers and 66% of downloads,” also referring to the “XcodeGhost” malware. According to more internal Apple emails, about 18 million affected users were based in the US.

The company has had multiple internal discussions about warning affected developers and users, as you can read below:

Several developers downloaded the infected Xcode because Apple’s servers were slow, so they looked for alternative download links. Even popular apps like Angry Birds 2 were affected. As soon as the malware was identified, Apple asked developers to immediately recompile their apps with a genuine version of Xcode.

“Due to the large number of customers potentially affected, do we want to send an email to all of them?” Matt Fischer, Apple’s vice president for the App Store, wrote.

[…]

“Just want to set expectations correctly here. We have a mass-request tool that will allow us to send the emails, however we are still testing to make sure that we can accurately include the names of the apps for each customer. There have been issues with this specific functionality in the past,” he wrote.

Following this incident, Apple has reinforced both the security of the Xcode installation process and the malware scanning when submitting apps to the App Store. Earlier today, testimony from one of the heads of the App Store revealed more details about the iOS app review process as part of the trial.

Read also:

  • Apple likely to win Epic Games case, but could still make concessions to developers
  • App Store VP testifies in Epic trial as emails reveal special API access for Hulu and other devs
  • Apple banned Shadow app after Microsoft used it as an example to get xCloud for iOS approved
  • Emails reveal Apple’s attempts to stop Netflix from dropping App Store In-App Purchase support
  • Epic CEO says he would have taken a special App Store deal if Apple had offered