Malware in Xcode could hit the Mac App Store

A week ago we told you about the appearance of malware that could easily spread through Xcode and that especially affects developers. Seven days later there is new information, and it is not at all encouraging. The new discovery is that this malware could also reach the Mac App Store and affect more applications.

The researchers who studied this malware, Oleksandr Shatkivskyi and Vlad Felenuik, have provided more information about their investigation in an exclusive interview with the online outlet MacRumors. The malware, which is part of the XCSSET family, is an "unusual infection" that injects itself into Xcode projects. When the project is compiled, the malicious code runs. This can lead to "a malicious payload rabbit hole," and poses a significant risk to Mac users.

The malware was identified, and it was concluded that it could above all affect the browsers installed on the Mac, whether Safari or Chrome. It was able to find a vulnerability to read and dump cookies, create backdoors in JavaScript and, in turn, modify displayed websites, steal private banking information and passwords, and block password changes.

It was also found to be able to steal information from apps such as Evernote, Notes, Skype, Telegram, QQ, and WeChat, take screenshots, upload files to a server specified by the attacker, encrypt files and then demand a payment to release them.

Because this malware is difficult to identify, developers may be creating applications that contain it without knowing it. They are uploading them to the Mac App Store, with the danger that this entails, since Apple could not identify its presence either.

So, developers are advised not to download repositories from the places where they usually do, for example GitHub.
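
Because the malicious code runs when an infected project is compiled, it helps to read what a downloaded project will execute before building it. The following is an added example, not code from the researchers or from this article: a Python audit that lists the Run Script build phases stored in a project's `project.pbxproj`, one place where an Xcode project can carry code that executes at build time. The function names, the sample project text and the flagging heuristics are assumptions made for illustration and are not XCSSET indicators.

```python
import re
import sys
from pathlib import Path

# Run Script build phases live in project.pbxproj as PBXShellScriptBuildPhase
# objects; the shellScript value is a quoted string with backslash escapes.
PHASE_RE = re.compile(r'isa = PBXShellScriptBuildPhase;(?P<body>.*?)'
                      r'shellScript = "(?P<script>(?:[^"\\]|\\.)*)";', re.S)
NAME_RE = re.compile(r'\bname = "?(?P<name>[^";]+)"?;')

# Hypothetical review heuristics (assumptions, not XCSSET indicators):
# constructs that are unusual in a build step and deserve a manual look.
HEURISTICS = {
    "network fetch": re.compile(r'\b(curl|wget)\b'),
    "decode-and-run": re.compile(r'base64\s+(-d|-D|--decode)|\beval\b'),
    "hidden path": re.compile(r'(^|[\s/"\'])\.[A-Za-z_][\w.-]*/'),
}

def unescape(value):  # undo pbxproj string escaping (newline, tab, quote, backslash)
    table = {"n": "\n", "t": "\t"}
    return re.sub(r'\\(.)', lambda m: table.get(m.group(1), m.group(1)), value, flags=re.S)

def script_phases(pbxproj_text):
    phases = []
    for m in PHASE_RE.finditer(pbxproj_text):
        name = NAME_RE.search(m.group("body"))
        script = unescape(m.group("script"))
        flags = sorted(k for k, rx in HEURISTICS.items() if rx.search(script))
        phases.append({"name": name.group("name") if name else "(unnamed)",
                       "script": script, "flags": flags})
    return phases

# Constructed sample: a trimmed project.pbxproj section with two phases.
SAMPLE = r'''
		AA01 /* SwiftLint */ = {
			isa = PBXShellScriptBuildPhase;
			name = SwiftLint;
			shellScript = "if which swiftlint >/dev/null; then\n  swiftlint\nfi\n";
		};
		AA02 /* Run Script */ = {
			isa = PBXShellScriptBuildPhase;
			name = "Run Script";
			shellScript = "\"${SRCROOT}/.build_cache/helper.sh\" >/dev/null 2>&1 &\n";
		};
'''

if __name__ == "__main__":
    for p in (q for r in sys.argv[1:] for q in Path(r).rglob("project.pbxproj")):
        for ph in script_phases(p.read_text(errors="replace")):
            print(f"{p}: {ph['name']!r} flags={ph['flags']}\n{ph['script']}")
```

Run it with the path of a freshly cloned repository as the argument and read every script it prints, flagged or not. It does not cover custom build rules or scheme pre- and post-actions, which can also run scripts.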