Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020.
The variant, which Microsoft reported Monday, marked the first publicly known update to the malware since 2022. The malware first came to light in 2020, when security firm Trend Micro said it had targeted app developers after spreading through a publicly available project the attacker wrote for Xcode, a developer tool Apple makes freely available. The malware gained immediate attention because it exploited what, at the time, were two zero-day vulnerabilities, a testament to the resourcefulness of the entity behind the attacks.
In 2021, XCSSET surfaced again, first when it was used to backdoor developers’ devices and a few months later when researchers found it exploiting what at the time was a new zero-day.
