Clearly competitors are behind this criminal act
Fake XCode installers with illegal authorization keys that someone inside Apple must have authorized to make them work.
And the ability for these illegal keys to bypass all Apple security measures both automatic binary code checking, API calls and then even any manual review of the apps inside Apple...
It clearly is beyond just fishy. Someone paid people inside Apple to do these criminal acts.
And competitors are the only ones getting something out of it trying to damage Apple.