Mac malware spreads through Xcode projects, abuses WebKit, Data Vault vulnerabilities

[silversurfer]

Content source

https://www.zdnet.com/article/mac-malware-spreads-through-xcode-projects-abuses-previously-unknown-vulnerabilities/

Xcode projects are being exploited to spread a form of Mac malware specializing in the compromise of Safari and other browsers.

The XCSSET malware family has been found in Xcode projects, "lead[ing] to a rabbit hole of malicious payloads," Trend Micro said on Thursday.

In a paper (.PDF) exploring the wave of attacks, cybersecurity researchers said an "unusual" infection in a developer's project also included the discovery of two zero-day vulnerabilities.

Xcode is a free integrated development environment (IDE) used in macOS for developing Apple-related software and apps.

Full report by researchers:

XCSSET Mac Malware Infects Xcode Projects Uses 0Days

Further investigation led us to a developer’s Xcode project that contained XCSSET source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day exploits.

blog.trendmicro.com