'Fortnite': Ongoing trials reveal what could be the largest iPhone malware attack

Some of the supposed content that are planned to be added in 'Fortnite' (Image source: Top5Gaming/YouTube)

The 'Fortnite' legal battle continues and has exposed a malware that is said to have previously affected millions of Apple device users

by E Cruz

Updated on May 12, 2021 at 9:18 AM

Don’t miss on the latest updates

Click on the topic that interests you to follow it. We will keep you updated with the news you shouldn’t miss.

Fortnite

Apple

Video of the Day: Blasting News

The legal battle between Apple Inc. and “Fortnite” developer Epic Games is on. Legal documents that were previously presented revealed some interesting plans for the game, including collaborations with the NBA superstar Lebron James, Lady Gaga, Ariana Grande, and even a supposed Naruto crossover. This so-called “Fortnite” trial has just entered its second week, and this time, released emails revealed that a massive number of users had been infected by what is described as the largest hack on record.

‘Fortnite’ trial unearths past malware attack

Apple released these emails in question and showed that around 128 million Apple users – to which 18 million of them are from the United States – have their devices infected by a malware dubbed XCodeGhost upon downloading infected apps from the App Store, Vice reports.

This attack took place in 2015 where hackers injected the malware onto thousands of apps on the App Store.

If Fireeye’s 2015 estimates are anything to go by, the cybersecurity firm has identified around 4,000 infected apps on the store. Meanwhile, according to Lookout’s blog that same year, the malware is a malicious code inserted into iOS apps as it utilizes a tampered version of Apple’s Xcode which then steals information from iOS devices.

XCodeGhost

The blog also revealed back then that the Chinese iOS developers first detected the bug and was later on researched by another cybersecurity firm – Palo Alto Networks. One might ask, what does this XcodeGhost malware do? Well, it steals a lot from your Apple device like:

The app bundle identifier
Network information
The device’s “identifierForVendor.”
Device’s name and type
Name of the infected app

The above-mentioned information will be encrypted and will be relayed to a so-called command and control server.

It served as a challenge for Apple

The emails presented also revealed that Apple back then “was scrambling to figure out the impact of the hack, and working on notifying the victims.” Nonetheless, it was agreed upon by Apple big wigs that reaching out to all the victims would be a challenge for them. Challenge in terms of language localizations of the email since these apps were downloaded around the world.

Apple made it clear that they have a “mass-request too” that enables them to send emails. However, it seems that they are still testing to accurately put the name of the apps for each user since it was mentioned that there were functionality issues in the past.

The exact number of affected users has yet to be disclosed by Apple, but it would say it would notify those who got affected during that time. It was not indicated, though, if the company notified every single one of them.

Content sponsored by Outbrain