Posted on May 11, 2021 at 8:37 PM
Apple Withheld Information of Malware Attack on 128 Million Users
An email issued by Epic has stated that Apple failed to warn users of a pending malware attack.
Apple and Epic have been engaging in a court battle, and the two companies have used the time to reveal each other’s secrets. Recently, Epic has released several emails in court that show Apple executives hid malware threats for 128 million Apple users. This was the largest iOS cybersecurity threat.
Apple 2015 Malware hack
According to the emails, the hack into Apple was revealed in 2015 when the company launched the iPhone 6S. Cybersecurity research revealed that around 40 malicious apps were located on the App Store. The number of malicious apps further increased to reach around 4000 apps.
The malicious apps in question were labelled ‘XCodeGhost.’ The apps harboured a code that would install a botnet on iOS devices and steal private user data. The malware attack on the apps happened after Apple used a fake version of Xcode, the development tool used for Apple. The Xcode tool installed a malicious code into the developer projects.
Compromises Apple Privacy Agreement
According to the email, Apple failed to reveal the details after an executive meeting ruled against it. According to Apple executives, revealing the malware to its global users would be a challenge for the firm.
“Joz, Tom, and Christine—due to the large number of customers potentially affected, do we want to send an email to all of them?” the Vice President of App Store, Matthew Fischer, wrote in the email. The email was later sent to the company’s senior Vice President, Greg Joswiak, and the PR executive, Tom Neumayr and Christine Monaghan.
Even though the details revealed in the email happened six years ago, it still comes as a surprise that Apple chose not to share the details. Besides, the email was not sent to the public, and Apple’s representative who went to court did not offer any email evidence.
For the longest time, Apple has come out stating that it prioritizes customer privacy. Their privacy campaign has been very active, given that the FI has also backed them on their privacy levels. With the new report, Apple’s sparkling privacy record has been dented as well as its privacy image. This effect may have been the main reason why Epic chose to release the details of the hack in court.
Apple’s legal battle with Epic started in 2015. The battle came to be after Apple removed Epic’s game, Fortnite, from the App Store. Apple’s decision to remove the game from their app was caused by Epic adding an in-game payment system that enabled it to bypass the 30% fee that Apple charges on in-app purchases.
The privacy issue caused by this revelation by Epic may cause a great deal of harm to Apple. However, the damage, if any, has not yet been released by the company. However, Apple users are not the first to suffer from a privacy threat.
Android users have also been victims of the same after sophisticated apps that siphoned money illegally from advertisers were detected on the platform. However, Google alerted its users on the matter and even removed the apps from the platform. Apple’s failure to release the information to its users so they can take proactive measures may have been the company’s undoing in terms of their privacy image.