Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack
Following last week's disclosure of new iOS malware called XcodeGhost, which arose from malicious versions of Xcode hosted on third-party servers, Apple has outlined instructions for developers to ensure the version of Xcode they are using is valid.

When downloading Xcode from the Mac App Store, or Apple's website so long as Gatekeeper is enabled, OS X automatically checks the app's code signature and validates it against Apple's code. If you must obtain Xcode elsewhere, follow these steps:
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
/Applications/Xcode.app: accepted
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
/Applications/Xcode.app: accepted
source=Apple
or
/Applications/Xcode.app: accepted
source=Apple System
Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
Apple issued a statement in response to XcodeGhost over the weekend, noting that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
XcodeGhost affected dozens, and possibly hundreds, of App Store apps. iPhone, iPad and iPod touch users should read what you need to know about XcodeGhost to learn more about the malware and how to keep yourself protected.
Popular Stories
After announcing new Mac and HomePod models last week, Apple adjusted its trade-in values for select devices in the United States.
iPhone trade-in values decreased by up to $80, and most Android smartphones also went down. Mac trade-in values remained unchanged or increased by up to $40 depending on the model, while some Apple Watch models increased in value and others decreased. Trade-in...
Apple's next-generation iPhone 15 Pro and iPhone 15 Pro Max are expected to be announced in September as usual. Already, rumors suggest the devices will have at least seven exclusive features not available on the standard iPhone 15 and iPhone 15 Plus.
An overview of the seven features rumored to be exclusive to iPhone 15 Pro models:A17 chip: iPhone 15 Pro models will be equipped with an A17...
While the new Mac mini with the M2 chip has a lower $599 starting price, the base model with 256GB of storage has slower SSD read and write speeds compared to the previous-generation model with the M1 chip and 256GB of storage.
A teardown of the new Mac mini shared by YouTube channel Brandon Geekabit reveals that the 256GB model is equipped with only a single 256GB storage chip, while the...
In a recent press release, Apple confirmed that iOS 16.3 will be released to the public next week. The software update will be available for the iPhone 8 and newer and includes a handful of new features, changes, and bug fixes.
Below, we've recapped bigger features in iOS 16.3, including support for physical security keys as a two-factor authentication option for Apple ID accounts, worldwide ...
The iPhone 15 will support Wi-Fi 6E, according to a research note shared this week by Barclays analysts Blayne Curtis and Tom O'Malley. The analysts did not specify whether the feature will be available on all models or limited to the Pro models.
Apple has added Wi-Fi 6E support to a handful of devices so far, including the latest 11-inch and 12.9-inch iPad Pro, 14-inch and 16-inch MacBook...
The new M2-series MacBook Pro and Mac mini models launched today, marking the debut of the first M2 Pro and M2 Max chips. We have the M2 Pro Mac mini on hand, and thought we'd take a look at the machine and do a series of benchmarks to see how it fits into Apple's lineup.
Subscribe to the MacRumors YouTube channel for more videos. Base model Mac mini machines come with either an M2 or M2 Pro...
Apple today released tvOS 16.3, the third major point update to the tvOS 16 operating system that originally came out in September. Available for the Apple TV 4K and Apple TV HD, tvOS 16.3 comes six weeks after tvOS 16.2, an update that added Apple Music Sing.
The tvOS 16.3 update can be downloaded over the air through the Settings app on the Apple TV by going to System > Software...
New 14-inch and 16-inch MacBook Pro models with the latest M2 Pro and M2 Max chips are available in Apple retail stores and are already in the hands of customers, and we picked up one of the new M2 Max machines to answer all of the questions MacRumors readers considering a purchase might have.
Subscribe to the MacRumors YouTube channel for more videos. Yesterday, we asked MacRumors fans on...
Top Rated Comments
Developers are to blame too--especially multi-person companies should know better. But the platform should still be protected from developers making mistakes--or being attacked in other as-yet-unknown ways that might make it possible to secretly modify their Xcode. After all, it's possible to choose to bypass the Mac's security features (like Gatekeeper), and some people have reasons to do so. Further checks from Apple's remote end are called for, I think.
Step 1: Download Xcode from Apple.com
Congratulations, you now have a genuine version of Xcode ;)