How to check your version of Xcode for 'XcodeGhost' infection

You probably already know that several apps have been infected with the XcodeGhost malware, as developers based in China used a malicious version of Xcode, an official tool from Apple. With more than 500 million users affected, XcodeGhost is the biggest blow to iOS security.

Apple has now emailed developers with instructions on how to test their version of Xcode to prevent similar incidents in the future.

We recently removed apps from the App Store that were created using a fake version of Xcode that crippled customers. You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all of your anti-fraud software systems.

Gatekeeper automatically verifies code signing for Xcode and confirms that this code is signed by Apple. However, if developers downloaded Xcode from another source, then they should follow these steps to verify the integrity of their version of Xcode:

To verify the authenticity of your copy of Xcode, run the following command in the terminal of the system with Gatekeeper enabled:

spctl --assess --verbose /Applications/Xcode.app

where /Applications/ is the directory where Xcode is installed. This tool performs the same checks as Gatekeeper, using the application's code signatures for verification. It may take a few minutes to complete the Xcode assessment.

The tool should return the following result for the version of Xcode downloaded from the Mac App Store:

/Applications/Xcode.app: accepted
source=Mac App Store

and for the version downloaded from the Apple developer website, the result should read either

/Applications/Xcode.app: accepted
source=Apple

or

/Applications/Xcode.app: accepted
source=Apple System

Any result other than 'accepted', or any source other than 'Mac App Store', 'Apple System' or 'Apple', shows that the app signature is not valid for Xcode. You must download a clean copy of Xcode and recompile your applications before submitting them for review.
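
The check above can be scripted, for example on a build machine, so that both the verdict and the source are tested rather than the word 'accepted' alone. This is an added example, not part of Apple's instructions or the original article; the function names check_spctl_output and verify_xcode are hypothetical.

```shell
#!/bin/sh
# Added example: interpret the output of
#   spctl --assess --verbose /Applications/Xcode.app
# using the rule from the article: the verdict must be "accepted" AND the
# source must be "Mac App Store", "Apple" or "Apple System".

# check_spctl_output TEXT
# Returns 0 only when TEXT (the captured spctl output) passes both tests.
check_spctl_output() {
    out=$1
    # First line looks like "/Applications/Xcode.app: accepted".
    verdict=$(printf '%s\n' "$out" | sed -n 's/^.*\.app: //p' | head -n 1)
    # Second line looks like "source=Mac App Store".
    src=$(printf '%s\n' "$out" | sed -n 's/^source=//p' | head -n 1)

    [ "$verdict" = "accepted" ] || return 1
    case "$src" in
        "Mac App Store"|"Apple"|"Apple System") return 0 ;;
        # A copy re-signed by some other party can still be "accepted"
        # by Gatekeeper, but its source will not be one of the three above.
        *) return 1 ;;
    esac
}

# verify_xcode [PATH]
# Runs the real assessment on a Mac and reports the result.
verify_xcode() {
    app=${1:-/Applications/Xcode.app}
    # Capture stdout and stderr so the assessment text is seen whichever
    # stream it is written to. The assessment may take a few minutes.
    out=$(spctl --assess --verbose "$app" 2>&1) || true
    if check_spctl_output "$out"; then
        echo "OK: $app is signed by Apple"
        return 0
    fi
    echo "FAIL: $app did not pass; download a clean copy of Xcode" >&2
    printf '%s\n' "$out" >&2
    return 1
}

# On a Mac: verify_xcode /Applications/Xcode.app
```
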

Surprisingly, iOS apps infected with the malware went through the rigorous App Review process. So it remains to be seen what steps Apple will take to verify that applications on the App Store do not contain malware.

You can use the Pangu command tool to find out if there are any apps infected with XcodeGhost malware installed on your iOS device.