Malicious Xcode projects are being used to hijack developer systems and spread custom EggShell backdoors.
The malware, dubbed XcodeSpy, targets Xcode, an integrated development environment (IDE) used in macOS for developing Apple software and applications.
According to research published by SentinelLabs on Thursday, the Run Script feature in the IDE is being exploited in targeted attacks against iOS developers by way of Trojanized Xcode projects freely shared online.
Read more…
Source: ZDNet