Xcode apps with malware can be innocently added to Mac App Store

Apple’s Mac and iOS app stores have been in the news a lot lately, with developers complaining about the 30% commission taken by Apple. Adding to this news, developers can unknowingly submit apps built with Xcode that contain malware to the Mac App Store. Does this mean that the App Store is no longer secure?

Malware infecting Xcode

Apple says the 30% fee leads to more secure apps that it carefully vets. But a new kind of Mac malware has spread its infection through Xcode, a tool developers use to create apps for Mac.

Security researchers Oleksandr Shatkivskyi and Vlad Felenuik at Trend Micro found the malware. It is part of the XCSSET family and is “an unusual infection injected into Xcode projects.” This can lead to a “malicious payload rabbit hole” for Mac users.

This malware can abuse Safari and other browsers and steal data with a vulnerability that reads and empties cookies and creates backdoors in JavaScript. This can change the websites displayed, steal information and passwords, and block changed passwords.


It can steal information from popular apps, such as Evernote, Notes, Skype, Telegram, QQ, and WeChat. It can also take screenshots, upload files to the attacker’s server, encrypt files, and display a ransom note. In other words, it is powerful malware.

Researchers believe that the Xcode malware will become popular among attackers looking to affect Mac systems. The worst part is that it can infect a developer’s projects without them knowing it before sending them to the App Store.

They also believe the malware will work on newer Macs running Apple Silicon, although they haven’t had access to any to test it.

Are Mac apps always safe?

While Shatkivskyi and Felenuik point out that the App Store review team will not be able to detect the malware in apps and that infected apps will be passed through, so far the 30% fee charged by Apple seems to be doing its job.

They raised their concerns with Apple in December 2019 and are hopeful that Apple will rectify the situation. They suggested that Apple could notify users of a potential breach like the current iOS 14 and iPadOS 14 privacy notifications.


However, the researchers still believe Apple’s operating system is safe. They said, “Apple has [sic] there is still work to be done, but macOS remains the most secure platform available.”

Shatkivskyi suggested, “To stay safe you have to be a little paranoid. Do not allow any application to record your screen. Also pay attention to what works on your Mac,” adding that he only uses licensed software.

As has been pointed out, they still believe that the Apple system is safe. Apple’s hallmark has always been safety. So far no apps have been discovered with it, so maybe Apple removes all apps developed with Xcode malware.

Read on to find out why Macs may not be as secure as Shatkivskyi and Felenuik claim, after Macs had more malware detections than PCs in 2019. Let us know in the comments if you’ve downloaded a malicious Mac application.

Laura Tucker

Laura has spent nearly 20 years writing news, reviews and opinion pieces, including more than 10 as editor. She has used Apple products exclusively for three decades. In addition to writing and editing at MTE, she also runs the site’s sponsored editing program.
