In September 2015, Apple ran into a dilemma: if 128 million iPhone users were reminded to beware of the most serious widespread hack in iOS history, they decided to remain silent.
When researchers found 40 malicious apps on the App Store, this widespread hacking attack first appeared. With the increase in the number of researchers, this number has reached 4000.
These apps contain code that makes iPhones and iPads part of the botnet, thus stealing potentially sensitive information from users.
According to an email from Apple and Epic Games, company officials on September 21, 2015 found that 128 million iPhone users had downloaded up to 2,500 malicious apps for a total of 203 million downloads.
The Vice President of the App Store, Senior Vice President, Global Marketing, Director of Public Relations, and the Customer Experience Team discussed the issue of warning users of a violation.
The topic of discussion is the large number of 128 million affected users translating the warning into each user's language and separating the name of each client's app.
It appears that Apple has never implemented the plan, nor is there evidence that such an email has been sent. On the contrary, the company only published this deleted post.
The post contains very general information on malicious app activity and only lists the 25 downloaded apps.
The message reads: Users who own one of these apps should update the affected app to solve the problem. If the app is available through the App Store, then it has been updated. If it is not available, it should be updated as soon as possible.
The infection is the result of developers writing apps using fake versions of Xcode (Apple's iOS and OS X app development tools).
The newly compiled tool is called XcodeGhost and it contains malicious code and normal application functions.
These apps cause the iPhone to report and submit various device information to the command and control server, including the affected application name, application package ID, network information, device resource ID details, device name, type, and unique identifier.
Compared to Apple's Xcode tool, XcodeGhost claims to be the fastest downloader in China.
Developers should click on the warning provided by Gatekeeper Security. To do this, the app must be digitally signed by a known developer so that a fake version can run without problems.
Apple has always made security of retail devices a priority and privacy at the heart of its products. However, it was decided not to inform the affected users of this hacking incident.
Apple is silent about hacking 128 million iPhone users |