[Xcode] Checking and Verification of XcodeGhost Issue

These days, the XcodeGhost issue has made all iOS developers in China panic. If you use a non-officially downloaded Xcode for compiling and releasing your app, the compiled app will be injected with malicious code. This malicious code will upload machine-related data to a specific server ( Even worse, the variant of the malicious code will hijack all pop-up dialogs in the app.

Here is a simple checking method: 1. Go to the following directory: /Applications/ 2. If the directory contains the following content, congratulations, you have been infected. The normal Xcode does not have: Library/Frameworks/CoreServices.framework/CoreService

Apple has provided a method to verify Xcode, which requires users to execute the following command in the terminal:

spctl --assess --verbose /Applications/

If Xcode is downloaded from the Mac App Store, it will return:

/Applications/ accepted
source=Mac App Store

If it is downloaded from the Apple Developer website, it will return:

/Applications/ accepted


/Applications/ accepted
source=Apple System

Apple recommends developers to download Xcode from the Mac App Store or the Apple Developer website and enable the Gatekeeper feature. OS X will automatically check the application's signature and perform verification. However, for developers, habitually disabling Gatekeeper is useless.

Finally, @唐巧_boy

Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.