macOS malware steals your data using browser exploits: How to protect your MacBook
Developers are unknowingly speeding its spread
While macOS certainly isn't completely free from malware concerns, it does manage to avoid the constant deluge of malware and security flaws that Windows 10 users must contend with. As a result, the threats that do appear can catch macOS users off guard.
The latest macOS malware was uncovered by security researchers at the antivirus vendor Trend Micro. Its implementation is particularly clever: the malicious code is transmitted via projects for Xcode, the development tool used to create apps for all Apple platforms (via PCMag).
The hackers created malicious code that is injected into local Xcode projects and runs when the project is built. It can spread via the Xcode projects themselves, something that has already been tracked to some projects shared via GitHub, and via the resulting apps.
How the XCSSET Malware works
The malware, according to the Trend Micro team, makes use of "two zero-day exploits: one is used to steal cookies via a flaw in the behavior of Data Vaults, another is used to abuse the development version of Safari."
This could allow it to carry out a number of dangerous behaviors including stealing information from your Evernote, Notes, Skype, Telegram, QQ and WeChat apps. It could capture screenshots from your system, upload files from your Mac to the hacker's server, or encrypt files on your Mac and display a ransom note.
Further actions that are theoretically possible given its ability to inject JavaScript code into Safari include modifying the websites that you are viewing, modifying or replacing cryptocurrency addresses, stealing payment credentials or credit card info, blocking or capturing passwords, and capturing screenshots of any sites visited.
A full technical brief on what Trend Micro is calling the "XCSSET Malware" is available here for those interested in additional details.
How to protect yourself from the XCSSET Malware
One of Trend Micro's primary messages was a warning for developers to check their projects to ensure that they are free from this problem. However, for consumers, the best way to protect yourself is to only download apps from either the App Store or trusted existing vendors' sites.
Beyond that, you should consider some form of antivirus protection that would be capable of detecting this kind of malware and helping to eliminate it from your system before it could cause any serious harm.
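For developers checking their projects as advised above, the following added example (not from Trend Micro or the original article) lists every Run Script build phase in an Xcode `project.pbxproj` file, since that is code that runs when the project is built, and flags phases matching a few generic review heuristics. The sample project text, the heuristics and the function names are assumptions made for illustration; they are not signatures for XCSSET.

```python
import re

# Constructed sample of a project.pbxproj fragment (not from any real project).
SAMPLE_PBXPROJ = r'''
/* Begin PBXShellScriptBuildPhase section */
		AA0000000000000000000001 /* Lint */ = {
			isa = PBXShellScriptBuildPhase;
			name = Lint;
			shellPath = /bin/sh;
			shellScript = "swiftlint lint --quiet\n";
		};
		AA0000000000000000000002 /* ShellScript */ = {
			isa = PBXShellScriptBuildPhase;
			shellPath = /bin/sh;
			shellScript = "\"${PROJECT_DIR}/.build_cache/helper\"\n";
		};
/* End PBXShellScriptBuildPhase section */
'''

# Assumes no "}" appears in a phase before its shellScript key (typical layout).
PHASE_RE = re.compile(
    r'isa = PBXShellScriptBuildPhase;([^}]*?)shellScript = "((?:[^"\\]|\\.)*)";')
NAME_RE = re.compile(r'\bname = ("(?:[^"\\]|\\.)*"|[^;]+);')

# Assumed review heuristics, not signatures for any particular malware family.
HEURISTICS = {
    "runs something from a hidden path": re.compile(r'/\.[\w-]+/'),
    "fetches from the network": re.compile(r'\b(curl|wget)\b'),
    "pipes into a shell or evals": re.compile(r'\|\s*(ba|z)?sh\b|\beval\b'),
}

def unescape(s):
    """Undo pbxproj backslash escapes (newline, tab, quote, backslash)."""
    return re.sub(r'\\(.)', lambda m: {"n": "\n", "t": "\t"}.get(m.group(1), m.group(1)), s)

def audit_pbxproj(text):
    """Return [(phase_name, script, [reasons])] for every Run Script build phase."""
    findings = []
    for body, raw in PHASE_RE.findall(text):
        name = NAME_RE.search(body)
        name = name.group(1).strip('"') if name else "(unnamed)"
        script = unescape(raw)
        reasons = [why for why, rx in HEURISTICS.items() if rx.search(script)]
        findings.append((name, script, reasons))
    return findings

if __name__ == "__main__":
    for name, script, reasons in audit_pbxproj(SAMPLE_PBXPROJ):
        print(f"[{'REVIEW' if reasons else 'ok'}] {name}: {script.strip()!r} {reasons}")
```

Every listed phase is worth reading, flagged or not: a phase you did not add yourself is the thing to look for, and the heuristics only help prioritise.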
Sean Riley has been covering tech professionally for over a decade now. Most of that time was as a freelancer covering varied topics including phones, wearables, tablets, smart home devices, laptops, AR, VR, mobile payments, fintech, and more. Sean is the resident mobile expert at Laptop Mag, specializing in phones and wearables; you'll find plenty of news, reviews, how-to, and opinion pieces on these subjects from him here. But Laptop Mag has also proven a perfect fit for that broad range of interests with reviews and news on the latest laptops, VR games, and computer accessories along with coverage on everything from NFTs to cybersecurity and more.