XcodeSpy Malware

Cybercriminals often exploit features of legitimate software to try and deploy threatening programs to vulnerable computers. One of the recently identified malware projects is very interesting because it goes after macOS users and, in particular, software developers. The attack is executed by leveraging a feature of Xcode, a popular Integrated Development Environment (IDE) for macOS. The criminals are using a threatening Xcode project, dubbed XcodeSpy, which has a corrupted script embedded inside of it. The XcodeSpy file may be spread through GitHub repositories, online forums and other digital content. If you use Xcode regularly, we advise you to be careful when downloading new projects, or you may end up introducing threatening malware to your device unknowingly.

Currently, the threatening XcodeSpy project is delivering a backdoor Trojan called EggShell. This backdoor works on macOS exclusively and it has been around for a long time relatively. The good news is that users can protect themselves from both XcodeSpy and EggShell by using an up-to-date macOS security tool.

Falling victim to the XcodeSpy Malware and the backdoor that accompanies it may have devastating consequences. This threat is able to collect files from the infected device, as well as to access the camera, microphone, and keyboard input. Last but not least, the criminals would gain the ability to upload additional payloads to the compromised system, therefore making it possible to plant more malware.

As mentioned above, protecting yourself from the XcodeSpy Malware requires the use of reliable anti-virus software, as well as to avoid suspicious websites and file downloads.