Xcode Ghost

Discussion of general issues, not related to a specific Mac or iDevice operating system.
Post Reply
User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3043
Joined: Thu Apr 07, 2011 10:09 am

Xcode Ghost

Post by Stephen Hart » Tue Sep 22, 2015 9:36 am

Here's a pretty good article about the Xcode Ghost problem that's in the news.

Summary:
• Some developers in China downloaded a pirated (and altered) version of Xcode from a Chinese software-distribution site. :!:
• For that altered version of Xcode to start the first time, Gatekeeper had to be turned off or overridden. :!:
• New versions of some apps were compiled with this altered version of Xcode and contained malware.
• All those tainted versions have been removed from the App Store by Apple. :)

Xcode is Apple's free software development environment.


https://nakedsecurity.sophos.com/2015/0 ... e-present/
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3043
Joined: Thu Apr 07, 2011 10:09 am

Re: Xcode Ghost

Post by Stephen Hart » Wed Sep 23, 2015 1:54 pm

More info:

http://www.macnn.com/articles/15/09/22/ ... ck.130521/

Here's the Apple explanation:

https://www.apple.com/cn/xcodeghost/#english

Key points from Apple:
Some developers downloaded counterfeit versions of Xcode that have been infected with malware and created apps that were just as infected.

Apple incorporates technologies like Gatekeeper expressly to prevent non-App Store and/or unsigned versions of programs, including Xcode, from being installed. Those protections had to have been deliberately disabled by the developer for something like XcodeGhost to successfully install.
We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used.
It's still not clear to me whether any of the tainted apps reached the US Apple Store. This article helps a bit, but not much:
http://www.cultofmac.com/389703/faq-eve ... tore-hack/
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests