Microsoft spots XCSSET macOS malware variant used for crypto theft

Summary: A new variant of the XCSSET macOS malware has been identified, aimed at stealing sensitive user information through enhanced code obfuscation and evolved infection techniques. The malware primarily targets Xcode projects and utilizes innovative persistence methods to remain undetected. Microsoft warns users to be vigilant with unofficial Xcode resources to avoid infection.

Affected: macOS users and developers

Key points:

  • Enhanced obfuscation techniques utilizing Base64 and hexdump methods, complicating analysis.
  • New persistence methods are implemented via zshrc and dock modifications.
  • Infection strategies involve altered Xcode project configurations to deploy the payload effectively.
  • Targets include sensitive data from browsers, chat applications, digital wallets, and the Notes app.
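A defender can triage the two locations named above, shell startup files and Xcode run-script build phases, for lines that decode Base64 or hexdump data and hand the result to a shell. The following is an added example, not code from Microsoft or the source article; the patterns are generic heuristics chosen for illustration, not published XCSSET indicators, and the sample inputs are constructed.

```python
import re

# Heuristic patterns (assumptions, not published XCSSET indicators): a decoder
# for Base64 or hexdump-encoded data, and a hand-off of its output to a shell.
DECODE = re.compile(r"base64\s+(-d\b|-D\b|--decode\b)|xxd\s+(-\w+\s+)*-r\b")
EXECUTE = re.compile(r"\|\s*(ba|z)?sh\b|\beval\b")
# Body of a run-script build phase as stored in project.pbxproj.
SHELL_SCRIPT = re.compile(r'shellScript\s*=\s*"((?:[^"\\]|\\.)*)";')


def flag_line(line):
    """True when a shell line both decodes encoded data and executes the result."""
    return bool(DECODE.search(line) and EXECUTE.search(line))


def scan_zshrc(text):
    """Return (line_number, line) pairs in a zshrc-style file worth reviewing."""
    return [(n, l.strip()) for n, l in enumerate(text.splitlines(), 1)
            if not l.lstrip().startswith("#") and flag_line(l)]


def scan_pbxproj(text):
    """Return run-script build phase bodies in a project.pbxproj worth reviewing."""
    hits = []
    for m in SHELL_SCRIPT.finditer(text):
        # pbxproj stores the script on one line with escaped newlines and quotes.
        script = m.group(1).replace("\\n", "\n").replace('\\"', '"')
        if any(flag_line(l) for l in script.splitlines()):
            hits.append(script)
    return hits


# Constructed samples; the encoded strings decode to harmless echo commands.
SAMPLE_ZSHRC = """export PATH="$HOME/bin:$PATH"
# echo ZWNobyBoZWxsbw== | base64 -d | sh
echo ZWNobyBoZWxsbw== | base64 --decode | sh
alias ll="ls -l"
"""
SAMPLE_PBXPROJ = r'''
    isa = PBXShellScriptBuildPhase;
    shellScript = "swiftlint lint\n";
    isa = PBXShellScriptBuildPhase;
    shellScript = "echo 6563686f206869 | xxd -r -p | sh\n";
'''

if __name__ == "__main__":
    print(scan_zshrc(SAMPLE_ZSHRC))
    print(scan_pbxproj(SAMPLE_PBXPROJ))
```

A hit is a prompt for manual review rather than a verdict, since legitimate build scripts occasionally decode embedded data.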

Source: https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/