Apple instructs developers to verify Xcode using command line tool; Thousands of apps believed to be malware-infected

By

Apple instructs Chinese developers to verify Xcode using a command line tool after a counterfeit version of the software was used to create malicious apps. Security researchers estimate that thousands of apps were infected by XcodeGhost malware.

Xcode is Apple's software tool kit for creating iOS and Mac apps. In its website for developers, Apple advised app makers to validate their version of Xcode using a command line tool (spctl --assess --verbose /Applications/Xcode.app). Detailed instructions are posted on the site for developers' reference. The tool should show the following result for Xcode downloaded from the App Store:

/Applications/Xcode.app: accepted
source=Mac App Store

And either of the following for Xcode obtained from Apple's developer site:

/Applications/Xcode.app: accepted
source=Apple or

/Applications/Xcode.app: accepted
source=Apple System

Any other result showing another source means that the software is not a verified Xcode version.

Following the major malware attack on the App Store, Apple announces that it will host the Xcode in local Chinese servers to speed up downloads, reported Mashable. Xcode has a 3GB file size and downloading it from countries outside the US can be slow. Developers in China used an untrusted Xcode version hosted in a Chinese server for faster access. This incident caused malicious apps created by trusted app makers to sneak into the App Store.

Cybersecurity firm Palo Alto Networks said that there are many ways that malware can enter despite the strict code assessment of App Store. It is also difficult to detect malware like XcodeGhost because it is well-hidden in the code.

9to5Mac reported both good and bad news regarding the XcodeGhost attack. For the good news, it has been known that only the Chinese App Store is infected and that XcodeGhost did not steal sensitive user information.

The bad news is that not only hundreds, but thousands, of apps are infected by the malicious software. The report further states that many infected apps are still in the Chinese App Store, with the earliest infected apps being there since April.

By offering Xcode locally in China, developers will less likely download on unreliable sources and thus avert a similar incident in the future. Apple is also making rigorous efforts to remove malicious apps from the Chinese App Store.

© 2024 VCPOST.com All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics