Mac Users Targeted by Spyware Spreading via Xcode Projects
A new campaign uncovered by cybersecurity researchers is targeting Mac users and spreading the XCSSET malware suite. This malware variant can take over the Safari web browser and insert malicious payloads that steal passwords, personal information, financial data, and more.
The XCSSET suite also contains a ransomware module that can be used to inject ransomware onto a device. The campaign leverages a pair of zero-day exploits. The infections spread through Xcode developer projects into which the campaign operators have injected malware. Trend Micro discovered the campaign when one researcher learned that a developer’s Xcode project contained the source malware.