Re: Beware of 'XCSSET' malware hidden inside Xcode projects


 



On Aug 14, 2020, at 12:21 PM, 2551phil <2551phil@...> wrote:

Hope this doesn't come across as a sales plug, not least because it's been free since the start of COVID :), but I develop a tool that detects the presence of that (and much else in the macOS malware/adware/keylogger space).

Does it specifically detect XCSSET? Because the current version of DetectX Swift.app is dated July 4, whereas the PDF describing XCSSET was released in the past few days*, and two of the exploits therein are described as zero-days, meaning they were not previously known.

—Jens

*  (I don't know the exact date, but the text refers to an infection that occurred on July 31, so it must be after that, and none of the Google hits for "XCSSET malware" are dated earlier than yesterday.)

Join xcode@apple-dev.groups.io to automatically receive all group messages.