​Apple to ween Chinese iOS devs off pirated Xcode with faster downloads

Apple says it is working out a way to give Chinese developers faster access to Xcode tampered copies were used to slip thousands of infected iOS apps into the App Store.

The move is aimed at addressing Chinese developers who resort to locally hosted pirated copies of Xcode despite the fact its freely available from Apple. Hackers published tampered with versions of Apple’s developer tool, resulting in thousands of legitimate but infected iOS apps slipping into the App Store.

"We’re working to make it faster for developers in China to download Xcode betas," Apple says a Q&A about the incident.

Apple began mopping up its App Store on Sunday after several security firms reported what’s turned out to be around 4,000 iOS apps infected with malware known as XcodeGhost.

On Wednesday Apple advised developers to download Xcode from the Mac App Store or from its developer website, as well as enabling the OS X security feature Gatekeeper to validate the copy of Xcode isn’t tampered with. Copies available from these sources are signed by Apple with its Developer ID.

It didn’t however address the reason why Chinese developers were choosing to install pirated copies of Xcode when the real version was freely available. Slow download speeds, thought to be caused by China’s internet filter, make it painfully slow to download files from servers located outside China and has given some security experts cause to believe similar incidents will almost certainly occur.

US security and website accelerator firm CloudFlare this week announced a partnership with Chinese search firm Baidu to address this issue of slow access to foreign websites.

Apple chief of marketing Phil Schiller acknowledged the challenges Chinese developers face this week in China, explaining that Xcode took 25 minutes to download in the US compared with three hours from China. According to AppleInsider, Apple will soon start hosting a copy of Xcode on Chinese servers.

Apple has also published a list of the top 25 apps that were infected with the malware, which include WeChat, Uber rival Didi Taxi and BaiduMusic.

Read more: Researcher finds iOS flaw to bypass App Store code signing

“After the top 25 impacted apps, the number of impacted users drops significantly,” Apple said.

“We’re not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords,” it added.

“Developers are quickly updating their apps for users. Malicious code could only have been able to deliver some general information such as the apps and general system information.”

Read more: New Sydney office anchors iSIGHT's Australian threat-intelligence expansion

Blast from the past?

Try our new Space Invaders inspired video game NOW.

What score can you get ?

Join the CSO newsletter!

Error: Please check your email address.

Tags iOS devs​AppleChinesapp storePhil SchillerXcodeChinese developersCSO Australia

More about AppleApple.QUber

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place