Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack
Following last week's disclosure of new iOS malware called XcodeGhost, which arose from malicious versions of Xcode hosted on third-party servers, Apple has outlined instructions for developers to ensure the version of Xcode they are using is valid.
When downloading Xcode from the Mac App Store, or Apple's website so long as Gatekeeper is enabled, OS X automatically checks the app's code signature and validates it against Apple's code. If you must obtain Xcode elsewhere, follow these steps:
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
/Applications/Xcode.app: accepted
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
/Applications/Xcode.app: accepted
source=Apple
or
/Applications/Xcode.app: accepted
source=Apple System
Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
Apple issued a statement in response to XcodeGhost over the weekend, noting that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
XcodeGhost affected dozens, and possibly hundreds, of App Store apps. iPhone, iPad and iPod touch users should read what you need to know about XcodeGhost to learn more about the malware and how to keep yourself protected.
Popular Stories
Following its iPhone 16 event on Monday, Apple shared a PDF on its website with a list of all new features and changes coming with iOS 18. The list includes many features that were already announced, including Apple Intelligence, new customization options for the Home Screen and Control Center, a redesigned Photos app, several enhancements to the Messages app, a Passwords app, and more....
Apple today announced the latest lineup of iPhones, including the iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max. Pre-orders for these devices begin September 13, and if you plan on ordering from a cellular carrier in the United States, there will be plenty of options for discounts from the major carriers. AT&T is offering the iPhone 16 and iPhone 16 Pro at no cost with...
Will you be skipping the iPhone 16 Pro and waiting another year to upgrade? If so, we already have some iPhone 17 Pro rumors for you. Below, we recap key new features rumored for the iPhone 17 Pro models so far: 24MP front camera for all iPhone 17 models: All four iPhone 17 models will feature an upgraded 24-megapixel front-facing camera, according to Apple supply chain analysts Ming-Chi...
With the launch of the new iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max, Apple has discontinued some of its older iPhones. As of today, Apple is no longer selling the iPhone 13, and the iPhone 15 Pro and iPhone 15 Pro Max have been replaced with the iPhone 16 Pro and iPhone 16 Pro Max. The iPhone SE remains as Apple's most affordable device, with the iPhone 14 and iPhone...
Apple today announced the iPhone 16 Pro and iPhone 16 Pro Max—its latest flagship smartphones—featuring larger displays, an all-new Camera Control button, and the A18 Pro chip. The iPhone 16 Pro has a 6.3-inch display, while the iPhone 16 Pro Max features a 6.9-inch display—the biggest iPhone display ever. The borders around the display are the thinnest of any Apple device. The...
Apple today released a new firmware update for the AirPods Pro 2, including both the Lightning and USB-C versions. The firmware has a build number of 7A294, up from 6F8, and it is available for all AirPods Pro 2 users. Apple has been beta testing this update, but it is launching ahead of when iOS 18 becomes available next Monday. There are multiple features that Apple is adding to the...
Apple today held the "It's Glowtime" fall event to debut new iPhone 16 models, a new version of the Apple Watch, new AirPods, and more. It took Apple more than an hour and a half to introduce the new devices, but we've recapped everything in a quick 13 minute video for our readers who want a short but detailed overview of what's new. Subscribe to the MacRumors YouTube channel for more videos. ...