Newly Discovered XcodeSpy Malware Targets iOS Devs
Attack on Finnish parliament attributed to APT31, Man who sought to implant malware on Tesla's network sentenced, Verkada hacker indicted in U.S., Facebook allows security keys for iOS, Android, more
Researchers from cybersecurity firm SentinelOne discovered a malicious version of the legitimate iOS TabBarInteraction Xcode project. The malware, dubbed XcodeSpy, is targeting iOS devs in a supply chain attack.
As part of the attack, the threat actors cloned the legitimate TabBarInteraction project and added an obfuscated, malicious 'Run Script' to it, which opens a remote shell back to the threat actors' server, cralev.me. (Lawrence Abrams / Bleeping Computer)
Related: SecurityWeek, ZDNet, Reddit - cybersecurity, SentinelLabs, The Record by Recorded Future, AppleInsider, Sensors Tech Forum, Ars Technica, 9to5Mac, iDownloadBlog.com, MacRumors, Threatpost, SC Magazine, Security Affairs, The Mac Observer, Slashdot, Exploit One, Computerworld Security
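A defender's check for the technique described above, added here as an example and not taken from the newsletter or from SentinelOne's research: it lists every Run Script build phase stored in an Xcode `project.pbxproj` and flags scripts that fetch, decode or evaluate content, so a cloned project can be reviewed before it is built. The function names, the heuristics and the sample project text are constructed assumptions, not XcodeSpy indicators.

```python
import re

# Xcode stores each Run Script build phase in project.pbxproj as a
# PBXShellScriptBuildPhase object; the script body is the shellScript string.
PHASE_RE = re.compile(
    r'isa = PBXShellScriptBuildPhase;(.*?)shellScript = "((?:[^"\\]|\\.)*)";', re.S)
NAME_RE = re.compile(r'\bname = "?([^";\n]+)"?;')

# Generic review heuristics (assumptions, not indicators published for XcodeSpy).
HEURISTICS = {
    "network-client": re.compile(r'\b(curl|wget|nc|ncat)\b|/dev/tcp/'),
    "decode-or-eval": re.compile(r'\beval\b|base64\s+(-d|-D|--decode)\b'),
    "pipe-to-shell": re.compile(r'\|\s*(ba|z)?sh\b'),
}

def unescape(s):
    # pbxproj strings backslash-escape quotes, backslashes, newlines and tabs.
    table = {"n": "\n", "t": "\t"}
    return re.sub(r'\\(.)', lambda m: table.get(m.group(1), m.group(1)), s, flags=re.S)

def audit_run_scripts(pbxproj_text):
    """Return [(phase_name, script, [heuristic labels])] for each Run Script phase."""
    findings = []
    for meta, raw in PHASE_RE.findall(pbxproj_text):
        name = NAME_RE.search(meta)
        script = unescape(raw)
        flags = [label for label, rx in HEURISTICS.items() if rx.search(script)]
        findings.append((name.group(1) if name else "(unnamed)", script, flags))
    return findings

# Constructed sample: one ordinary lint phase, one phase that decodes and evals a string.
SAMPLE = r'''
/* Begin PBXShellScriptBuildPhase section */
    AA0000000000000000000001 /* SwiftLint */ = {
        isa = PBXShellScriptBuildPhase;
        name = SwiftLint;
        shellScript = "if which swiftlint >/dev/null; then\n  swiftlint\nfi\n";
    };
    AA0000000000000000000002 /* Run Script */ = {
        isa = PBXShellScriptBuildPhase;
        name = "Run Script";
        shellScript = "eval \"$(echo ZWNobyBjb25zdHJ1Y3RlZC1zYW1wbGU= | base64 --decode)\"\n";
    };
/* End PBXShellScriptBuildPhase section */
'''

if __name__ == "__main__":
    for name, script, flags in audit_run_scripts(SAMPLE):
        print(f"{name}: {', '.join(flags) or 'no heuristic hit'}")
```

A phase with no heuristic hit still deserves a read of the returned script text; the labels only prioritise review.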
The Finnish Security and Intelligence Service, known by the abbreviation Supo, said that the Chinese threat group APT31 is the culprit behind an espionage campaign aimed at th…
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.