Apple sweeps aside App Store malware mess
In the aftermath of the big App Store security breach, today Apple reminds developers where they should obtain Xcode. It's not rocket science—from sanctioned distribution sources. I received an email this morning from the company, dispatched to members of its developer program.
To recap: As the new week dawned, Apple rushed to remove content from its Chinese App Store loaded with XcodeGhost malware. Developers using a counterfeit version of Xcode caused the first, major, widespread security crisis for the seven year-old App Store.
Question to ask: Is Apple resting on its security laurels? I ask because reports of the breach broke online days before the company responded by pulling polluted apps. There's action now, as today's email to developers indicates.
The company writes:
We recently removed apps from the App Store that were built with a counterfeit version of Xcode which had the potential to cause harm to customers. You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software.
When you download Xcode from the Mac App Store, OS X automatically checks the code signature for Xcode and validates that it is code signed by Apple. When you download Xcode from the Apple Developer website, the code signature is also automatically checked and validated by default as long as you have not disabled Gatekeeper.
Whether you downloaded Xcode from Apple or received Xcode from another source, such as a USB or Thunderbolt disk, or over a local network, you can easily verify the integrity of your copy of Xcode. Learn more.
Apple offers additional information about validating Xcode from the "learn more" link.
If you're wondering which apps to worry about, some are quite popular, including the Chinese version of Angry Birds 2.
Full list from Lookout security.
Palo Alto Networks provides details on the attack vectors and how to circumvent them.
Photo Credit: Shutterstock/iravgustin