macOS Malware Caught Spying on Users May 25, 2021 06:58 GMT · Comment
New macOS Malware Last month, security researchers revealed that a notorious malware family exploited a never seen before flaw. The vulnerability enabled macOS security defenses to be bypassed and run unimpeded. There are indicators that macOS might have targeted again in the future. Jamf claims it has found evidence for a vulnerability that allows XCSSET to have access to parts of macOS that need permission, access to the microphone, camera, or record the screen, without consent. XCSSET was first found by Trend Micro in 2020 targeting Apple developers, particularly the Xcode projects used to code and create apps. By infecting app development projects, developers unconsciously spread malware to their users in a supply-chain-like attack defined by Trend Micro researchers. The malware is continuously developing, with later versions even aiming at Macs with the new M1 chip.