Last year saw a truly dramatic rise in macOS malware. It’s not surprising that something like this would be created in 202o. The researchers provide more details about the malware on the SentinelOne website. “By sharing details of this campaign, we hope to raise awareness of this attack vector and highlight the fact that developers are high-value targets for attackers.” “However, the timeline from known samples and other indicators suggest that other XcodeSpy projects may exist,” warns Phil Stokes from SentinelLabs. SentinelLabs was only able to find one Xcode project on GitHub that had been made into a trojan horse. Number of malware Xcode projects is unknown
#Malware apple xcode install
To be clear, the malware could not install the back door into applications written by the developer. Reactions: kiensoy, Count Blah, Col4bin and 2 others. Its funny and scary that after years of Apple avoiding major viruses and malware on OSX, iOS will get the brunt of it. That gives the hacker access to the computer’s camera, keystrokes and microphone. XcodeGhost is a new iOS malware arising from a malicious version of Xcode, Apples official tool for developing iOS and OS X apps. The malware installs a custom version of the EggShell backdoor on the developer’s Mac. Some cybercriminal had taken a real open-source project and modified it for their own nefarious purpose then submitted it to this code repository. SentinelLabs was tipped to an Xcode project that had been turned into a trojan horse and posted on GitHub. And many devs turn to open-source code found on GitHub to save themselves from having to reinvent the wheel, metaphorically speaking. Xcode is the tool developers use to create software for all Apple computers, including Macs and iPhones.
0 kommentar(er)
