Microsoft warns that the powerful XCSSET macOS malware is back with new tricks
Briefly

Microsoft has identified a new variant of the XCSSET macOS malware, marking the first major update since 2022. This malware, which first surfaced in 2020, has targeted app developers by exploiting zero-day vulnerabilities. The latest variant features two novel persistence methods to maintain infection, enhanced infection capabilities with multiple triggering options, and improved obfuscation techniques, indicating increased sophistication. Its detection highlights the ongoing threat to macOS users and the need for vigilant security practices among developers.
Microsoft has detected a new variant of XCSSET, a powerful macOS malware that has targeted app developers since 2020, marking the first update since 2022.
The new variant introduces unseen persistence methods and enhanced infection techniques, showcasing the evolving sophistication of macOS malware.
XCSSET initially gained notoriety for exploiting zero-day vulnerabilities, demonstrating the resourcefulness of the attackers behind these malicious endeavors.
Attackers can now trigger the XCSSET payload using specific options, greatly increasing the malware's adaptability and obfuscation, complicating detection and response.
Read at Ars Technica