Microsoft claims that sophisticated malware is targeting Xcode, Apple’s integrated development environment for creating software tools on Mac computers.
On Monday, February 17, Microsoft Threat Intelligence said that it has discovered a new version of macOS malware called XCSSET, which infects developers’ Xcode projects in order to target users.
“While we’re only seeing this new XCSSET variant in limited attacks at this time, we’re sharing this information so users and organizations can protect themselves against this threat,” the company’s security research team said in a post on X.
First discovered in 2022, this specific malware family enables threat actors to attack digital wallets, gather information via the Notes app, and steal files and system data from vulnerable devices.
According to reports, zero-day vulnerabilities are used to spread the most recent XCSSET malware. It infects macOS devices with malicious programs using two novel techniques.
The first technique is known as the “zshrc” method, where the malware creates a file named ~/.zshrc_aliases which contains the payload. “It then appends a command in the ~/.zshrc file to ensure that the created file is launched every time a new shell session is initiated, guaranteeing the malware’s persistence across shell sessions,” Microsoft Threat Intelligence said.
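As an added example (not from Microsoft's post or this article), a defender can check a home directory for the two artifacts the "zshrc" method leaves behind. The function name is hypothetical, and because the article does not give the exact appended command, the check flags any non-comment line in ~/.zshrc that names .zshrc_aliases; a hit is a prompt for review, not proof of infection.

```shell
#!/bin/sh
# Added example: flag the "zshrc" persistence pattern described above.
# Assumption: the appended command is not quoted on the page, so we match
# on the file name only, not on a specific command form.
#
# check_zshrc_persistence HOME_DIR
#   prints one REVIEW line per indicator
#   returns 0 if nothing was found, 1 if anything needs review
check_zshrc_persistence() {
    home_dir=$1
    rc="$home_dir/.zshrc"
    aliases="$home_dir/.zshrc_aliases"
    found=0

    # Indicator 1: the file the malware is reported to create.
    if [ -e "$aliases" ]; then
        echo "REVIEW: $aliases exists"
        ls -l "$aliases" | sed 's/^/    /'
        found=1
    fi

    # Indicator 2: an active (non-comment) line in .zshrc naming that file.
    if [ -f "$rc" ]; then
        hits=$(grep -n 'zshrc_aliases' "$rc" \
               | grep -v '^[0-9]*:[[:space:]]*#' || true)
        if [ -n "$hits" ]; then
            echo "REVIEW: $rc references .zshrc_aliases:"
            printf '%s\n' "$hits" | sed 's/^/    /'
            found=1
        fi
    fi

    return "$found"
}

# Usage: sh check_zshrc.sh "$HOME" /Users/otheruser ...
for h in "$@"; do
    check_zshrc_persistence "$h" || true
done
```
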
The dock approach is another way that the XCSSET malware may infect machines. This method entails downloading a utility in order to control apps on the dock, the bar at the bottom of the macOS screen on Apple computers.
The new XCSSET variant is also hard to detect as it “uses a significantly more randomised approach for generating payloads to infect Xcode projects.”