Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack
Following last week's disclosure of new iOS malware called XcodeGhost, which arose from malicious versions of Xcode hosted on third-party servers, Apple has outlined instructions for developers to ensure the version of Xcode they are using is valid.
When downloading Xcode from the Mac App Store, or Apple's website so long as Gatekeeper is enabled, OS X automatically checks the app's code signature and validates it against Apple's code. If you must obtain Xcode elsewhere, follow these steps:
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
/Applications/Xcode.app: accepted
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
/Applications/Xcode.app: accepted
source=Apple
or
/Applications/Xcode.app: accepted
source=Apple System
Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
Apple issued a statement in response to XcodeGhost over the weekend, noting that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
XcodeGhost affected dozens, and possibly hundreds, of App Store apps. iPhone, iPad and iPod touch users should read what you need to know about XcodeGhost to learn more about the malware and how to keep yourself protected.
Popular Stories
Apple One allows you to subscribe to up to six Apple services for one discounted monthly price. There are three Apple One tiers: Individual, Family, and Premier.
Over the last month, the highest-end Apple One Premier plan has gained two additional perks.
Here is what Apple One Premier already included, for $37.95 per month:Apple Music
Apple TV+
Apple Arcade
Apple News+
Apple Fitness+...
Apple is planning for a major design overhaul of the iPhone, iPad, and Mac interfaces with the introduction of iOS 19, iPadOS 19, and macOS 16 later this year, reports Bloomberg. The update will "fundamentally change" the look of Apple's operating system, introducing a more consistent cross-platform experience.
Apple plans to update the style of icons, menus, apps, windows, and system...
Apple announced the infamous 12-inch Retina MacBook a decade ago today, an experimental new Mac that was as controversial as it was revolutionary.
Apple unveiled the 12-inch MacBook on March 9, 2015, at the "Spring Forward" event in San Francisco, California. The event was primarily focused on the Apple Watch, which was being fully detailed ahead of its launch the following month, so the...
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for.
Apart from their audio and noise-canceling performance, which are generally regarded as excellent for...
YouTuber iDeviceHelp on Friday posted a video that shows off mockups of Apple's forthcoming iPhone 17 models that are purportedly based on "internal documents." We're sharing the video here since it was made in collaboration with leaker Majin Bu, who last month published similar iPhone 17 renders that were widely corroborated by separate leakers with links to Apple's Chinese supply chain....
Apple is set to release iOS 18.4 in early April, bringing further refinements to Apple Intelligence features, a neat new capability to iPhone 15 Pro devices, new emoji, and more.
While not quite as packed with new features as Apple's preceding iOS 18 point releases, iOS 18.4 still introduces enhancements that aim to make your iPhone smarter and more intuitive. Below, we've listed 12 new...
Apple employees are internally testing iOS 18.3.2 for iPhones, according to our website's visitor logs, which have been a reliable indicator of upcoming iOS versions. The software update should be released in the next week or two.
iOS 18.3.2 will be a minor update that addresses software bugs and/or security vulnerabilities. Don't expect any new features.
iOS 18.3.2 will be an interim...
Apple's all-new ultra-thin iPhone 17 Air shares the same dimensions as the iPhone 17 Pro Max, with the only difference being in the thickness of the devices, according to the leaker Ice Universe.
Posting to their Weibo account, the Chinese leaker today claimed that the iPhone 17 Air and iPhone 17 Pro Max have identical body length, width, screen size, and bezels. "The only difference is the...
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices.
iPhone 17 Pro's alleged design via Front Page Tech
Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025:
Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone...
