New Mac malware spreads via Xcode projects2020-08-17 18:55 by Daniela
Tags: Mac, malware, Xcode
Hackers have been trying to hijack Mac computers by secretly placing malware inside software projects from third-party developers.
Researchers at Trend Micro discovered what the company describes as "an unusual infection related to Xcode developer projects," where malware would incorporate itself into the project itself. The malware was found to have multiple payload possibilities, and though it poses a potential risk to end users using software developed via Apple's IDE, it actually seems to be a bigger issue for the developers themselves.
The discovery poses a significant risk for Xcode developers. Trend Micro identified developers affected by the malware who share their projects via GitHub, leading to a potential supply-chain attack for users who rely on repositories for their own projects. Google's VirusTotal scanning software managed to identify the malware, which indicates the threat is at large.
Affected developers may unwittingly distribute the trojan to their users in the form of compromized Xcode projects and built applications. The malware is particularly dangerous because verification methods, such as checking hashes, would not identify infection as the developers would be unaware that they are distributing malicious files.
To protect against this type of threat, Trend Micro encourages users to only download apps from official marketplaces and consider multilayered security solutions.
Read more -here-