XcodeGhost Prompts Apple to Host Xcode Installers on China Servers

After developers in China inadvertently exposed the App Store to a slew of malware-laden iPhone and iPad apps, Apple has confirmed it will start hosting copies of its Xcode installer on servers inside the country. Developers had been downloading unofficial Xcode installers from in-country servers to avoid the poor bandwidth the experience when trying to deal with China's Internet content filtering system.

Apple: We'll put Xcode on servers in ChinaApple: We'll put Xcode on servers in China

The malware, dubbed XcodeGhost was added into the Xcode installers developers were getting from non-Apple servers inside China. The malware was injected into the iOS apps they compiled without their knowledge, and then managed to get past Apple's screening process and onto the App Store.

XcodeGhost wasn't limited to small-time apps. It also appeared in popular apps such as the popular messaging app WeChat, and the Chinese version of Angry Birds 2.

Apple pulled all of the infected titles from the App Store and has been working with developers in China to make sure this doesn't happen again. Worldwide Marketing VP Phil Schiller confirmed Apple will start offering Xcode downloads from servers inside China, which should help kill the incentive to download the company's developer tools from alternate sources.

Some Chinese developers blame Apple for the problem instead of their government's efforts to sensor Internet content. App developer Feng Dahui told Reuters, "Apple doesn't care enough about Chinese developers, nor does it value Chinese users."

That sentiment is in part what led to XcodeGhost making its way into otherwise legit apps. Developers in China don't see a problem with turning to non-legit sources for Xcode downloads.

Hopefully Apple has addressed that problem, and hopefully has also found a fix to ensure malware like XcodeGhost doesn't slip past its app screening process again.