Apple has a list of the top 25 iPhone and iPad apps infected with XcodeGhost, and an explanation for how counterfeit versions of its Xcode tools were installed: developers in China intentionally shut off OS X's Gatekeeper feature. Without Gatekeeper running, there wasn't a failsafe in place to alert developers that they installed malware on their own computers.
The Mac Observer Spin The Mac Observer Spin is how we show you what our authors think about a news story at quick glance. Read More →
Developers downloaded Xcode from non-Apple servers and disabled Gatekeeper. How could they not expect to be writing malware-laden apps? Still, that doesn't let Apple off the hook for failing to catch the infected titles.