Some Xcode projects containing malware have been identified by security researchers recently and they are considering this malware to be harmful to browsers including Safari.
Though the means are unknown researchers have agreed that malware is making its way into software projects of Mac with the discovery of XCSSET. Malware is a part of XCSSET. It gets itself incorporated via files and makes a way for the attacker so that they can command and control the attacked Mac. Through this, the infected system is totally in grip of the attacker to use it for various purposes according to his wishes. Personal data can be obtained and ransomware-style attacks can also be executed.
The Trend Micro company’s researchers have mentioned it to be “an unusual infection related to Xcode developer projects” and malware incorporates itself into the projects. The malware has a large number of payload possibilities. Developers have enough reasons to get worried about this malware.
After researching the nature of malware, the experts have found out that the malicious code is injected into local Xcode projects while the project is in the building process. The answer to the question of how the code is injected is still unknown.
Malware attacks Mac’s Safari and other browsers. After that obtaining personal data is a matter of time.
The two Xcode projects where malware has been found are not the widely used ones, thankfully, say, researchers. The number of victims is still limited. The experts always suggest users check their project integrity at least thrice to avoid malware attacks.
Affected inventors may unintentionally allocate the trojan to their users in the form of compromised Xcode projects and set up apps. To defend in contradiction of this kind of hazard, Trend Micro boosts users to just take on application programs from authorized marketplaces and contemplate multilayered safety solutions.