Maybe you all know that .app bundle is easily accessible for reading via such tools like iExplorer (surpirise for those who thought only iTunes File Sharing allows to access data on iPhone). Maybe you've also read iOS Programming Guide, section entitled 'Installing App-Specific Data Files as First Launch'. Related paragraph estates:

"... Because iOs apps are code signed, modifying files inside your bundle invalidates your app's signature and prevents your app from launching in the future. ..."

That's obivously false, at least to some point.

I've tried to modify several files within SEVERAL free third-party apps purchased from AppStore and sucessfully modified content of several files. Voala, app launched without any problem. The thing is, that I've used iExplorer mentioned above, no hacking, cracking, jail-breaking. Just a development-enabled device, and published, reviewed apps.

What should I do?

The code signing is only verified when the app is installed on the device through iTunes, Xcode, the iPhone Configuration Utility, etc. So the wording of the programming guide is a little misleading.

This probably comes down to performance - there are some very large apps out there and having to verify the checksum of all the application's resources every time it is launched would take too long.

And the point of code signing is not really to prevent tampering, but to detect tampering. Or more correctly, it's simply a way to state that you built this specific binary with these specific resources. The attacker could completely remove the code signing if they wanted.

So there will always be ways to modify an application's resources or even code through debugging, etc. You can't really protect against this.