Security News > 2021 > March > New XcodeSpy Mac Malware Targets Software Developers
A recently discovered Mac malware has been used by unknown threat actors to target software developers who use Apple's Xcode integrated development environment.
SentinelOne learned about the malware from an anonymous researcher, but the company also spotted XcodeSpy in the wild in late 2020 at an organization in the United States.
Based on samples uploaded to VirusTotal, the malware may have also been used in attacks aimed at developers in Japan.
In at least one instance, the malware was delivered as a trojanized version of an open source Xcode project offered to iOS developers.
"While XcodeSpy appears to be directly targeted at the developers themselves rather than developers' products or clients, it's a short step from backdooring a developer's working environment to delivering malware to users of that developer's software," SentinelOne said.
More recently, a piece of Mac malware named XCSSET was seen spreading through code injected into Xcode projects, with the payload being executed when the project was built.