iOS malware was found in the App Store earlier this month after developers in China used tainted copies of Xcode downloaded from non-Apple servers in the country when building their apps. Researchers at Palo Alto Networks found 39 iOS apps in the App Store infected with malware as a result, putting iPhone users in China at risk. In the following days, Chinese researchers claimed to have found nearly 4,000 more infected apps.
Apple this week told Reuters that it was working with developers to make sure they're using the proper version of Xcode to rebuild any infected apps, with victims including WeChat, PDF Reader, WinZip, Pocket Scanner, CamCard, and others.
On Tuesday the company extended the advice to all developers, urging them to stay within Apple's software 'walled garden'.
"You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software," Apple said.
Gatekeeper was introduced by Apple for OS X in 2012 as a way of verifying that an app isn't known malware and that it hasn't been tampered with. It's been found not to be entirely foolproof but at least requires developers to sign their apps with a Developer ID supplied by Apple. The default setting in OS X 10.10.5 Yosemite is for Gatekeeper to be enabled, which restricts downloads to the Mac App Store and identified developers.
"When you download Xcode from the Mac App Store, OS X automatically checks the code signature for Xcode and validates that it is code signed by Apple. When you download Xcode from the Apple Developer website, the code signature is also automatically checked and validated by default as long as you have not disabled Gatekeeper," Apple said on Tuesday.
As some security experts have noted, however, it's very likely that developers in China will still turn to pirated copies of Xcode despite the fact the legitimate software is available free from Apple, as China's internet filter makes it impractical to download files from servers hosted outside the country.
Dave Aitel, founder of ImmunitySec, this week relayed his account of a visit to a partner in China that illustrates why Apple is likely to see a repeat of the Xcode incident.
"When we asked one of our partners (a major Chinese company you would have heard of even here) to download VMWare Player (which is free), he immediately reached out to one of the Chinese pirate sites to grab an old copy of cracked VMWare Workstation. He was not wrong: Actually browsing to VMWare.com itself would have taken literally forever, even though he is connected at his desk to one of the fastest networks on Earth," wrote Aitel.
He continued: "Not only is the recent XCode hack going to happen again and again, it is in some ways a uniquely Chinese problem and allows them to pressure Apple and similar companies to put infrastructure inside China to solve, which is interesting."
Apple, however, does provide Terminal commands to verify the identity of the copy of Xcode in scenarios where developers download Xcode from sources other than Apple, such as a USB drive or over a local network.
Read more
Apple tells devs to validate Xcode after App Store malware breach. Apple has reminded developers to verify their copy of Xcode before submitting iOS apps, but it
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store to report the App Stores security breach, to validate Xcode after App Store malware breach
Latest USB Security News | My Blog
Apple tells devs to validate Xcode after App Store malware breach As some security experts have noted however, it's very likely that developers in China
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store for Developers to Validate Xcode Following Malware Xcode from the Mac App Store,
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store malware breach. ZDNet Thursday 24th September, 2015. Apple has reminded developers to verify their copy of Xcode
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store malware breach. ZDNet Thursday 24th September, 2015. Apple has reminded developers to verify their copy of Xcode
Technology News, Analysis, Comments and Product Reviews ...
Apple tells devs to validate Xcode after App Store malware breach. Apple has reminded developers to verify their copy of Xcode before submitting iOS apps, but it
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store malware breach; Apple tells devs to validate Xcode after App Store malware breach 23 September 2015, 10:49 am
Apple tells devs to validate Xcode after App Store malware ...
Apple tells devs to validate Xcode after App Store malware breach Added: 23.09.2015 8:49 | 1 views | 0 comments
Apple tells devs to validate Xcode after App Store malware ...
Apple has reminded developers to verify their copy of Xcode before submitting iOS apps, but it probably won't stop Chinese developers from using pirated