The legal battle between Apple Inc. and “Fortnite” developer Epic Games is on. Legal documents that were previously presented revealed some interesting plans for the game, including collaborations with the NBA superstar Lebron James, Lady Gaga, Ariana Grande, and even a supposed Naruto crossover. This so-called “Fortnite” trial has just entered its second week, and this time, released emails revealed that a massive number of users had been infected by what is described as the largest hack on record.

‘Fortnite’ trial unearths past malware attack

Apple released these emails in question and showed that around 128 million Apple users – to which 18 million of them are from the United States – have their devices infected by a malware dubbed XCodeGhost upon downloading infected apps from the App Store, Vice reports.

This attack took place in 2015 where hackers injected the malware onto thousands of apps on the App Store.

If Fireeye’s 2015 estimates are anything to go by, the cybersecurity firm has identified around 4,000 infected apps on the store. Meanwhile, according to Lookout’s blog that same year, the malware is a malicious code inserted into iOS apps as it utilizes a tampered version of Apple’s Xcode which then steals information from iOS devices.

XCodeGhost

The blog also revealed back then that the Chinese iOS developers first detected the bug and was later on researched by another cybersecurity firm – Palo Alto Networks. One might ask, what does this XcodeGhost malware do? Well, it steals a lot from your Apple device like:

  • The app bundle identifier
  • Network information
  • The device’s “identifierForVendor.”
  • Device’s name and type
  • Name of the infected app

The above-mentioned information will be encrypted and will be relayed to a so-called command and control server.

It served as a challenge for Apple

The emails presented also revealed that Apple back then “was scrambling to figure out the impact of the hack, and working on notifying the victims.” Nonetheless, it was agreed upon by Apple big wigs that reaching out to all the victims would be a challenge for them. Challenge in terms of language localizations of the email since these apps were downloaded around the world.

Discuss this news on Eunomia

Apple made it clear that they have a “mass-request too” that enables them to send emails. However, it seems that they are still testing to accurately put the name of the apps for each user since it was mentioned that there were functionality issues in the past.

The exact number of affected users has yet to be disclosed by Apple, but it would say it would notify those who got affected during that time. It was not indicated, though, if the company notified every single one of them.