Ondrej Holzman An unpleasant incident with the penetration of infected applications into the App Store, as happened at the beginning of the week, Apple would definitely not want to experience again. That's why it's taking precautions and encouraging developers to make sure they're using the right tools.
To the App Store with the beginning of the week received several applications infected with the dangerous XcodeGhost malware when Chinese developers they used fake versions of Xcode, which is used precisely for developing applications.
Due to the slow connection, it was too time-consuming for Chinese developers to download several gigabytes of Xcode from Apple's official servers, so they preferred an alternative they found on Chinese forums. However, it contained dangerous malware that allowed applications to collect user data.
"It only takes 25 minutes to download in the United States," Apple marketing chief Phil Schiller told the Chinese daily Sina with the fact that in China it can be up to three times longer due to slow connections. Apple has therefore decided to offer the official version of Xcode for download directly from Chinese servers.
According to Schiller, Apple is about to release a list of 25 apps that it knows have been infected by XcodeGhost, but fortunately, according to him, no user information was stolen.
The Californian company has already sent out an email to developers, telling them to download Xcode only directly from Apple, that is, from the Mac App Store or the developer's website, and to be safe, keep Gatekepeer turned on, which protects against damaged or malicious software.
