
Apple: Deadly Mac malware discovered that installs a backdoor

SentinelLabs programmers have discovered life-threatening malware on various Apple products that installs a dangerous backdoor

Fresh news comes from the security team at SentinelLabs, who have recently identified new macOS malware that targets Xcode developers. By exploiting functionality within the platform, it manages to install itself on a system and then start a backdoor on the affected machine.

SentinelLabs has nicknamed the malware “Xcode Spy”: it operates in the Xcode development environment on macOS, which developers use to build software for Apple systems. In particular, the malware takes advantage of the Run Scripts feature in the IDE to infect Apple developers who use shared code in Xcode projects.

It is essentially a Trojan, found in some modified Xcode projects on the net. The modified project is practically a copy of a legitimate project on GitHub whose goal is to offer extended functionality for iOS Tab Bar animation.

What does the Xcode project contain?

If you are unlucky enough to download the counterfeit project, what happens is very simple: it automatically launches the installation of the EggShell backdoor, combined with a persistence mechanism. This backdoor lets its operator manage any file, upload or download others, access the microphone (and record your voice), or read a log file that records what is typed on the keyboard.

However, noticing this malware is far from easy, because a detail inside the script allows for an obfuscated start. As a result, you will not find any indication in the console or in the debugger that the malware has executed.
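Because nothing shows up in the console or debugger, one practical check is to read a downloaded project's Run Script phases before building it. The following Python script is an added example, not code from SentinelLabs or the original article: it lists every Run Script build phase in a `project.pbxproj` file and flags scripts matching a few heuristics. The sample project text, the `.cache/setup.sh` path and the heuristic list are constructed for illustration.

```python
import re

# Constructed project.pbxproj fragment for illustration (not the real sample).
SAMPLE_PBXPROJ = r'''
/* Begin PBXShellScriptBuildPhase section */
		AA0000000000000000000001 /* Lint */ = {
			isa = PBXShellScriptBuildPhase;
			name = Lint;
			shellScript = "swiftlint\n";
		};
		AA0000000000000000000002 /* Run Script */ = {
			isa = PBXShellScriptBuildPhase;
			name = "Run Script";
			shellScript = "sh \"$SRCROOT/.cache/setup.sh\" >/dev/null 2>&1 &\n";
		};
/* End PBXShellScriptBuildPhase section */
'''

# Heuristics assumed for this example; tune them for your own projects.
HEURISTICS = {
    "network fetch": re.compile(r"\b(curl|wget)\b|/dev/tcp/"),
    "decode or eval": re.compile(r"\bbase64\b|\bxxd\b|\beval\b"),
    "output discarded": re.compile(r">\s*/dev/null"),
    "runs in background": re.compile(r"&\s*$", re.M),
    "hidden path": re.compile(r"/\.\w"),
}

PHASE = re.compile(r"isa = PBXShellScriptBuildPhase;(.*?)\n\s*\};", re.S)
NAME = re.compile(r'\bname = (?:"((?:[^"\\]|\\.)*)"|([^;]+));')
SCRIPT = re.compile(r'shellScript = "((?:[^"\\]|\\.)*)";', re.S)

def unescape(s):
    # pbxproj strings escape quotes, backslashes, newlines and tabs.
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "t": "\t"}.get(m.group(1), m.group(1)), s)

def audit_run_scripts(pbxproj_text):
    """Return [(phase name, script, [matched heuristics])] for each Run Script phase."""
    findings = []
    for body in PHASE.findall(pbxproj_text):
        n = NAME.search(body)
        s = SCRIPT.search(body)
        name = unescape(n.group(1) or n.group(2) or "") if n else "(unnamed)"
        script = unescape(s.group(1)) if s else ""
        hits = [label for label, rx in HEURISTICS.items() if rx.search(script)]
        findings.append((name, script, hits))
    return findings

if __name__ == "__main__":
    for name, script, hits in audit_run_scripts(SAMPLE_PBXPROJ):
        print(f"{name!r}: {', '.join(hits) or 'no heuristic matched'}")
```

A match is only a prompt to read the script by hand; legitimate build phases can also silence output or call network tools.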

According to SentinelLabs, it is not the only counterfeit project online, so pay close attention and always check the source of the projects you download. What do you think of this Apple malware? Let us know with a comment below and keep reading allotek to stay updated on the latest news and more.

Published by
Marco Dellapina
