Malware News Microsoft Warns of Improved XCSSET macOS Malware

[Brownie2019]

Content source

https://www.securityweek.com/microsoft-warns-of-improvements-to-xcsset-macos-malware/

Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users.
A new variant of the sophisticated XCSSET malware has been observed in recent, limited attacks against macOS users, Microsoft reports.
First seen in 2020, XCSSET spreads through Apple Xcode, the integrated development environment for macOS: threat actors inject malicious code into Xcode projects, and the victim’s system is infected when the project is executed.
The malware was designed to steal information associated with numerous chat applications, take screenshots, inject JavaScript code into websites, encrypt files and drop ransom notes, and upload files to the attackers’ server.
At the time of discovery, it was also exploiting two zero-day vulnerabilities to steal a Safari cookie file and to run the development version of the browser when the victim attempted to launch Safari.

Read more:

Microsoft Warns of Improved XCSSET macOS Malware

Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users.

www.securityweek.com