Apple Outlines Steps For Validating Xcode Following XcodeGhost Malware Outbreak
Following the recent XcodeGhost malware outbreak on the iOS App Store, Apple has outlined steps how users / developers can validate the installation of Xcode installed on their Mac.
According to Apple:
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
Now, if you get a response apart from the above mentioned ones, it means that you're running a copy of Xcode that comes from a source other than Apple. In that case, it's highly advised that you instantly remove Xcode from your Mac and download a legit copy either from the Mac App Store or directly from the Apple Developer Program website. We can't emphasize on this enough, and really encourage the fact that developers go ahead with legit and valid copies of development software, whether it be Apple's or someone else's.
The XcodeGhost malware made its way to the App Store and Apple was swift enough in removing all the apps which were infected. Big name apps and games like Angry Birds 2, WeChat and CamCard managed to find themselves in the crosshair, but sadly, the damage had already been done.
While there has been no report so far of users complaining that their key credentials have been stolen following the attack, it's now up to the developers to make sure that they use legit software to conjure up apps and games, ensuring that such a thing never happens again.
Given the scale of the outbreak, there should be no doubt left in the fact that Apple will indeed tighten its app review process going forward. While this would mean that the company would scrutinize titles well under the microscope before giving them a go ahead, but in the end we'll be left with something which we know won't end up stealing our private data.
If you're a developer, please make sure that you're running a legit version of Xcode.