Less than a week after Apple confirmed that about 40 apps in the iOS App Store are affected with malicious code, or malware, the Cupertino giant is urging developers to validate their copy of Xcode, its suite of developer tools that is used to develop apps for iOS and OS X.
The company has sent a reminder to developers via email and a message posted on its website noting that they should only use Xcode downloaded from the Mac App Store or the company's official developer website.
The email comes days after several Chinese app developers including some associated with big brands such as WeChat, Didi Kuaidi, and CamCard, among others, were caught intentionally bypassing warnings from Apple's "Gatekeeper" software while installing a counterfeit version of Xcode. These developers, it is worth pointing out, didn't deliberately do this to make their products less secure, but instead, they did it because China's Great Firewall makes it slower to access and download files hosted on US servers. This is the reason many used Baidu, a file-sharing website - where a version of Xcode was hosted - to download a copy of the app developing program. As it turned out, the version of Xcode hosted on Baidu was compromised.
"We recently removed apps from the App Store that were built with a counterfeit version of Xcode which had the potential to cause harm to customers. You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software," the company noted on its developer website.
Gatekeeper ships with Xcode. If the copy of Xcode they had downloaded from any other source was genuine, they wouldn't have needed to disable Gatekeeper at all.
"When you download Xcode from the Mac App Store, OS X automatically checks the code signature for Xcode and validates that it is code signed by Apple. When you download Xcode from the Apple Developer website, the code signature is also automatically checked and validated by default as long as you have not disabled Gatekeeper. Whether you downloaded Xcode from Apple or received Xcode from another source, such as a USB or Thunderbolt disk, or over a local network, you can easily verify the integrity of your copy of Xcode."
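One way to script the integrity check Apple describes, as an added example that is not code from this article or from Apple. It assumes macOS's `spctl` tool and the accepted sources named in Apple's published Xcode validation guidance (neither appears on this page); the function names are hypothetical and the sample outputs are constructed.

```shell
#!/bin/sh
# Added example: decide whether Gatekeeper's assessment of an Xcode bundle
# can be trusted. Assumption: the only acceptable sources are the three
# named in Apple's Xcode validation guidance.

# classify_assessment OUTPUT
# Prints "trusted", "untrusted-source" or "rejected"; returns 0 only for trusted.
classify_assessment() {
    out=$1
    # Anything other than an explicit "accepted" verdict fails closed.
    case $out in
        *": accepted"*) ;;
        *) echo "rejected"; return 1 ;;
    esac
    # Pull the origin out of "source=<origin>" (same line or the next one).
    src=$(printf '%s\n' "$out" | sed -n 's/^.*source=//p' | head -n 1)
    case $src in
        "Mac App Store"|"Apple"|"Apple System") echo "trusted"; return 0 ;;
        # Signed and accepted by Gatekeeper, but not by Apple: not a genuine Xcode.
        *) echo "untrusted-source"; return 1 ;;
    esac
}

# verify_xcode [PATH]: run the real assessment on a Mac.
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found; run this on macOS" >&2
        return 2
    fi
    # spctl writes its assessment to stderr, so merge it into stdout.
    classify_assessment "$(spctl --assess --verbose "$app" 2>&1)"
}

# Constructed sample outputs, so the classifier can be exercised offline.
SAMPLE_STORE='/Applications/Xcode.app: accepted
source=Mac App Store'
SAMPLE_THIRD_PARTY='/Applications/Xcode.app: accepted
source=Developer ID'
SAMPLE_REJECTED='/Applications/Xcode.app: rejected'

for sample in "$SAMPLE_STORE" "$SAMPLE_THIRD_PARTY" "$SAMPLE_REJECTED"; do
    classify_assessment "$sample" || true
done
```

On a build machine, call `verify_xcode /Applications/Xcode.app` and treat any non-zero exit status as a reason to stop the build and reinstall Xcode from Apple.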
Of course, many third-party utilities on OS X continue to be unsigned, so it's possible that developers had disabled Gatekeeper to run those apps, and thus the compromised copy of Xcode slipped under the radar.
For users who're affected, it is suggested that they change the password of their Apple ID. One should also not engage with a push dialog box asking for personal information. As noted by security firm before, it has been found that "XcodeGhost" may have been able to push dialog boxes to users' devices asking for personal information. Apple's VP of Marketing Phil Schiller, meanwhile, has assured that Apple doesn't know of any cases where these malicious apps transmitted information, which is always comforting to know. The company has set up a page on its website to let users know about this hack, and offer answers to many of the questions they might have. Apple also plans to alert users who have downloaded the affected apps.