
XCSSET macOS malware returns with first new version since 2022

Microsoft says there's a new variant of XCSSET on the prowl for Mac users – the first new iteration of the malware since 2022. XCSSET has been seen in limited attacks thus far, but Apple devs should be especially vigilant since the main infection vector is via Xcode projects. The malware's main capabilities from 2022 remain. …

  1. Anonymous Coward

    Fantastic..

    .. that Microsoft finds all these fun things about other platforms.

    Now, if they would focus on reducing the TBs that we have to download every month because of the colander called Microsoft applications I'd be far more grateful.

    Every time someone gets breached, we hear from Redmond that they didn't patch properly, which is bull, so go fix that first. And don't bring out a new version of Windows until you have that fixed.

  2. This post has been deleted by its author

  3. Richard 12 Silver badge

    Inspect an Xcode project?

    That's basically impossible!

    The format might be text-based but it's definitely not human-readable, and the Xcode UI is explicitly designed to hide everything away.

    When does the payload get executed, anyway?

  4. Yaffa_OS

    Hilarious

    I find it amusing that Microsoft is worried about macOS vulnerability. Microsoft’s own OSes are like Emmental cheese, full of holes. Month after month dozens of critical issues, zero days, etc. They should concentrate on fixing their own issues.

    1. Al fazed
      WTF?

      Re: Hilarious

      Microsoft spends a lot of effort fixing the problems with their own OS.

      Sadly it just isn't enough effort.

      Maybe the effort should be applied before the release of each new Operating System?

      But then again, with so many Microsoft apps like 365 running on Macs, it's maybe the Microsoft apps which are making everything else "Holy"?

      ALF

      1. collinsl Silver badge

        Re: Hilarious

        The problem is every OS is full of holes in one way or another - it's just going to happen with such a large code base.

        Whether or not they are a) found or 2) actively exploited is another matter, but no OS is perfect.

        Any new OS published by anyone written from the ground up will end up in the same state, you can't expect any of them to be perfect.

        Microsoft do put a very large amount of effort into getting holes patched, it's just that the usage base and visibility of the bugs and holes is such that their efforts will never appear to be enough.

  5. Frank Bitterlich

    OK, I don't get it.

    All the reports about this malware are a bit unclear or ambiguous on the infection vector.

    The TrendMicro report says, "Affected developers will unwittingly distribute the malicious trojan to their users in the form of the compromised Xcode projects,..."

    Does that mean that the malware is passed on only in Xcode projects, and not in the built apps? Since when are developers distributing Xcode projects to their users? At first I thought this was a typo or something, but it also says: "These Xcode projects have been modified such that upon building, these projects would run a malicious code. This eventually leads to the main XCSSET malware being dropped and run on the affected system."

    So the malware is executed when an Xcode user builds an application (as opposed to injected into the product)? Or are they just completely confusing projects and products?

    Can someone with more understanding about this malware please clear things up a bit?
