Image: Motherboard
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
Advertisement
Advertisement
Advertisement
The hackers inserted the malicious code into a tampered version of Xcode, Apple's app development software, which allowed them to snuck the malicious code into thousands of apps. "XcodeGhost’s creators repackaged Xcode installers with the malicious code and published links to the installer on many popular forums for iOS/OS X developers," security firm Lookout reported at the time. "Developers were enticed into downloading this tampered version of Xcode because it would download much faster in China than the official version of Xcode from Apple’s Mac App Store."Apple has always had a good reputation in terms of security. But the company has been reluctant to speak publicly and candidly about specific security incidents. So these emails, which were only released because of discovery in the Epic v. Apple Fortnite trial, are an interesting peek behind the curtain that show a fuller extent of the damage from this hack as well as specifics about how the company handled the hack's fallout in real time.Do you research vulnerabilities on Apple's products? Do you know of any attacks on iPhones? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com
Advertisement