08-15-2020 , 10:54 PM
https://www.cybersafe.news/mac-malware-s...-projects/ Mac malware spreads through Xcode projects
The XCSSET suite of malware abuses WebKit, Data Vault vulnerabilities.
By Priyanka R
Xcode projects are being exploited to spread Mac malware that can compromise Safari and other browsers.
The XCSSET malware family has been found in Xcode projects, leading to a rabbit hole of malicious payloads.
According to security researchers at Trend Micro, the investigation of an unusual infection in a developer's project also led to the discovery of two zero-day vulnerabilities.
Xcode is a free integrated development environment (IDE) used on macOS for developing Apple-related software and apps.
Although it is not clear how XCSSET finds its way into Xcode projects, once embedded, the malware runs when a project is built.
The affected systems are presumed to be used primarily by developers. The Xcode projects have been modified so that, when built, they run malicious code. This eventually leads to the main XCSSET malware being dropped and run on the affected system.
Several impacted developers have shared their projects on GitHub, which could result in “supply chain-like attacks for users who rely on these repositories as dependencies in their own projects.”
After getting onto a vulnerable system, XCSSET latches onto browsers, including the development version of Safari, and uses vulnerabilities to steal user data.
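A defender's check for the build-time execution described above, as an added example (not from the article or from Trend Micro): it lists every Run Script build phase stored in a `project.pbxproj` so each script can be read before a cloned project is built. The hint patterns and the sample project text are constructed assumptions, not XCSSET indicators, and the article does not say where XCSSET hooks into the build.

```python
import re

# Run Script build phases are PBXShellScriptBuildPhase objects in project.pbxproj.
PHASE = re.compile(
    r'isa = PBXShellScriptBuildPhase;(?P<body>[^}]*?)'
    r'shellScript = (?P<script>"(?:[^"\\]|\\.)*"|[^;]*);', re.S)
NAME = re.compile(r'\bname = ("(?:[^"\\]|\\.)*"|[^;]*);')
# Review hints picked for this example (assumptions, not XCSSET indicators).
REVIEW_HINTS = {
    "network fetch": r'\b(curl|wget)\b',
    "decode/eval": r'\b(base64|eval|osascript)\b',
    "pipe to shell": r'\|\s*(ba|z)?sh\b',
    "hidden or per-user path": r'/\.\w|xcuserdata',
}

def unquote(tok):
    """Undo pbxproj string quoting so the script reads as the shell sees it."""
    tok = tok.strip()
    if not tok.startswith('"'):
        return tok
    return re.sub(r'\\(.)', lambda m: {'n': '\n', 't': '\t'}.get(m[1], m[1]), tok[1:-1], flags=re.S)

def audit(pbx_text):
    """Return (name, script, hints) for every build-phase script found."""
    findings = []
    for m in PHASE.finditer(pbx_text):
        name = NAME.search(m['body'])
        script = unquote(m['script'])
        hints = [h for h, rx in REVIEW_HINTS.items() if re.search(rx, script)]
        findings.append((unquote(name[1]) if name else "(unnamed)", script, hints))
    return findings

# Constructed sample, not taken from any real or infected project.
SAMPLE = r'''
    AAAAAAAAAAAAAAAAAAAAAAA1 /* SwiftLint */ = {
        isa = PBXShellScriptBuildPhase;
        name = SwiftLint;
        shellScript = "if which swiftlint >/dev/null; then\n  swiftlint\nfi\n";
    };
    AAAAAAAAAAAAAAAAAAAAAAA2 /* Run Script */ = {
        isa = PBXShellScriptBuildPhase;
        name = "Run Script";
        shellScript = "sh \"${SRCROOT}/.tools/prebuild.sh\"\n";
    };
'''

if __name__ == "__main__":
    for name, script, hints in audit(SAMPLE):
        print(f"{name}: {hints or 'no hints, still read it'}\n{script}")
```

Call `audit()` on the text of the `project.pbxproj` file inside a repository's `.xcodeproj` bundle before the first build; a script with no hints still needs to be read.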