Cyber security news for all

More

    Xcode takes advantage of gaps to steal user data from browsers

    A new malware seems to target developers who work with Apple’s programming environment Xcode. A security company has discovered a malware classified as unusual that can nestle in Xcode projects: The malicious code is injected into Xcode on the Mac and apparently executed as soon as the software is compiled.

    The malware then tried to use two exploits to manipulate the browser used by the user – including specifically the developer version and to access data. The malware named XCSSET can also take screenshots and read data from apps such as Skype and Telegram. Ransomware functions for encrypting files are also integrated and can be armed on the server, say the security experts in their analysis. Trend Micro published the new damage in the Mac And from a study.

    Xcode

    It seems particularly problematic that the malware can spread over already infected Xcode projects if these are made available. Several developers affected by the malware have been identified who have made their Xcode projects available to third parties via the online platform. The original source of the pest is still unknown. During the investigation of the attackers server, a list of collected IP addresses of many victims was found, the majority of whom are from China.

    It Is Unclear How The Malware Gets Into The Xcode Projects

    Its code is executed as soon as a project is created. These systems will probably be used primarily by developers, explained the researchers. These Xcode projects have been modified to run malicious code. This ultimately leads to the XCSSET malware being smuggled in.

    The distribution method used can only be called clever. Affected developers will unwittingly distribute the malicious trojan to their users in the form of the compromised Xcode projects, and methods of verifying the distributed file would not help as the developers would not know they were distributing malicious files.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox