
This article was published on September 22, 2015


Apple asks developers to ensure their Xcode install isn’t infected

Story by

Owen Williams

Former TNW employee

Owen was a reporter for TNW based in Amsterdam, now a full-time freelance writer and consultant helping technology companies make their words friendlier. In his spare time he codes, writes newsletters and cycles around the city.

Following the infection of the App Store with malware from modified versions of Xcode, Apple has emailed registered developers today asking them to ensure their installation of its developer tools is legitimate.

The infection spread widely as developers in China and other countries with slow internet access downloaded Xcode from local sources instead of from Apple directly. The copies from those alternate sources had been modified to contain malware that could be remotely controlled once an app was compiled and sold on the App Store.

The email sent to developers today reminds them to download Xcode only from Apple’s store and to leave Gatekeeper, OS X’s protection, enabled:

You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software.

Apple says this method ensures the code signature is valid and not tampered with. If you downloaded it from somewhere else, Apple says you should verify the installation by running the following command:

spctl --assess --verbose /Applications/Xcode.app

Running that should return the following results:

/Applications/Xcode.app: accepted
source=Apple

or

/Applications/Xcode.app: accepted
source=Apple System

If the command returns any other result, it means the Xcode installation has been tampered with and should be removed and re-downloaded before compiling iOS applications.
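The check described above can be scripted so it runs the same way on every build machine. This is an added example, not code from Apple or from this article; the function names `check_spctl_output` and `verify_xcode` are hypothetical, and it accepts only the two results listed above.

```shell
#!/bin/sh
# Added example (not Apple's code): apply the article's pass criteria
# to the output of `spctl --assess --verbose`.

# check_spctl_output APP OUTPUT
# Succeeds only if OUTPUT has the exact line "APP: accepted" and a
# source= line equal to one of the values the article lists.
check_spctl_output() {
    app=$1
    out=$2
    # The verdict line must match exactly; "rejected" or an error fails.
    printf '%s\n' "$out" | grep -Fxq -- "$app: accepted" || return 1
    # Take the value of the first source= line.
    src=$(printf '%s\n' "$out" | sed -n 's/^source=//p' | head -n 1)
    case $src in
        # Values from the article; extend this list only if Apple's
        # own guidance names further sources.
        "Apple"|"Apple System") return 0 ;;
        *) return 1 ;;
    esac
}

# verify_xcode [APP]
# Runs the assessment on a Mac and applies the check above.
# Exit status: 0 = accepted, 1 = unexpected result, 2 = spctl missing.
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found; run this on the Mac that builds the app" >&2
        return 2
    fi
    # Capture both output streams so the result is seen either way.
    out=$(spctl --assess --verbose "$app" 2>&1)
    if check_spctl_output "$app" "$out"; then
        echo "OK: $app"
    else
        echo "FAIL: unexpected result, remove and re-download Xcode:" >&2
        printf '%s\n' "$out" >&2
        return 1
    fi
}
```

Source the file and call `verify_xcode` before a build; a non-zero exit status can be used to stop a build script.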

Apple has removed apps affected by the Xcode breach, but is eager to emphasize that other sources of its developer tools cannot be trusted.

Validating Your Version of Xcode [Apple]

Image credit: Shutterstock / Thanks for the tip Matthijs
