
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Malware Threat
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms.
XCSSET is a modular macOS malware that acts as an infostealer and cryptocurrency stealer, stealing Notes, cryptocurrency wallets, and browser data from infected devices. The malware spreads by searching for and infecting other Xcode projects found on the device, so that the malware is executed when the project is built.
“The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an Xcode project is being built,” explains Microsoft.
“We assess that this mode of infection and propagation banks on project files being shared among developers building Apple or macOS-related applications.”
In a new variant observed by Microsoft, researchers have noted several changes.
Comprehensive antivirus for Mac
Protect your Mac from malware, ransomware, and other cyberthreats with a reliable, easy-to-use business antivirus.

Key features
Our antivirus for Mac includes an automated process that offers threat detection and malware scanning, ensuring every device is covered.