Apple recently removed a number of apps from their app store due to the XcodeGhost malware that was found in some apps.
The malware was found int apps that there created using fake versions of Xcode and it mainly affected developers in China.
Apple has now posted some guidelines for their developers on how they can check to see if their are running a valid version of Xcode.
We recently removed apps from the App Store that were built with a counterfeit version of Xcode which had the potential to cause harm to customers. You should always download Xcode directly from the Mac App Store, or from the Apple Developer website, and leave Gatekeeper enabled on all your systems to protect against tampered software.
Whether you downloaded Xcode from Apple or received Xcode from another source, such as a USB or Thunderbolt disk, or over a local network, you can easily verify the integrity of your copy of Xcode.
Developers can find out more information on how they can check if they are running a legitimate version of Xcode over at Apple at the link below.