The updated malware, which spreads via infected Xcode projects, introduces advanced evasion tactics and persistence mechanisms to bypass security defenses.

Microsoft has warned that a new variant of XCSSET malware is actively targeting macOS users, marking the first update to the malware since 2022.

This latest version has been observed in limited attacks but introduces stronger evasion tactics, updated persistence mechanisms, and new infection strategies that make it more difficult to detect and remove. The malware, which spreads through infected Xcode projects, continues to pose a significant threat to developers and enterprises relying on Apple’s software development ecosystem.

“The latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” Microsoft said in its report posted on X. The malware retains its previous capabilities, including stealing digital wallet data, collecting sensitive files, and exfiltrating user information.

Microsoft has urged macOS developers to remain vigilant and thoroughly inspect Xcode projects before use.

New stealth and persistence techniques

The new XCSSET variant employs advanced obfuscation techniques to evade detection. According to Microsoft, the malware randomizes encoding techniques and iterations, incorporating Base64 encoding alongside traditional xxd (hexdump) encoding to make analysis more difficult.
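For analysts triaging a suspicious script pulled from an Xcode project, stacked encodings of this kind can be unwound mechanically. The following is an added example, not code from Microsoft's report or from the malware itself; the function names, the printable-ASCII assumption and the harmless sample payload are constructed for illustration.

```python
import base64
import binascii
import re

HEX_RE = re.compile(rb"[0-9a-fA-F]+")
B64_RE = re.compile(rb"[A-Za-z0-9+/]+={0,2}")
MAX_LAYERS = 32  # bound the loop on hostile input
DECODERS = {"hex": binascii.unhexlify,
            "base64": lambda s: base64.b64decode(s, validate=True)}
ENCODERS = {"hex": binascii.hexlify, "base64": base64.b64encode}

def _is_text(b: bytes) -> bool:
    # Assumption: every layer, including the final script, is printable ASCII.
    return bool(b) and all(32 <= c < 127 or c in (9, 10, 13) for c in b)

def peel_one(data: bytes):
    """Return (encoding, decoded) for one layer, or None if nothing fits."""
    s = data.strip().replace(b"\n", b"").replace(b"\r", b"")
    candidates = []
    # Hex is tested first: hex digits are a subset of the Base64 alphabet.
    if len(s) % 2 == 0 and HEX_RE.fullmatch(s):
        candidates.append("hex")
    if len(s) % 4 == 0 and B64_RE.fullmatch(s):
        candidates.append("base64")
    for name in candidates:
        try:
            out = DECODERS[name](s)
        except (binascii.Error, ValueError):
            continue
        if _is_text(out):  # reject decodes that yield binary noise
            return name, out
    return None

def peel_layers(blob: bytes):
    """Strip stacked layers; return (encodings in decode order, final bytes)."""
    layers = []
    while len(layers) < MAX_LAYERS and (step := peel_one(blob)):
        layers.append(step[0])
        blob = step[1]
    return layers, blob

def build_sample(payload: bytes, order):
    """Constructed test input: wrap a harmless string in the given layers."""
    for name in order:
        payload = ENCODERS[name](payload)
    return payload

if __name__ == "__main__":
    blob = build_sample(b"echo constructed-sample\n", ["base64", "hex", "hex"])
    print(peel_layers(blob))
```

The printable-text check is what stops the loop from "decoding" ordinary words that happen to fit the Base64 alphabet; decoded output should only ever be read, never executed.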


Source: https://www.csoonline.com/article/3826783/xcsset-macos-malware-reappears-with-new-attack-strategies-microsoft-sounds-alarm.html