Infected Xcode Project Installs Backdoor on System iOS Developers

Researchers have discovered an infected Xcode project installing a backdoor at iOS developers. Xcode is a development environment for macOS that allows developers to develop Apple-related software, such as iOS and macOS apps.

Recently, a modified version of TabBarInteraction was found, a legitimate, open source Xcode project for iOS developers offered on GitHub. This modified version, once started, runs a script that installs a backdoor on the developer's system. The backdoor can save keystrokes, make recordings via the microphone and webcam and upload and download files.

According to security company SentinelOne , there are indications that more rogue Xcode projects were in circulation, but they have not been found. As far as is known, one American organization has fallen victim to the infected Xcode project. SentinelOne's investigation would show that the attack with the infected projects was active between July and October last year and it may also have targeted developers in Asia.

Last August, antivirus company Trend Micro already issued a warning about infected Xcode projects that, among other things, opened a backdoor on developers' systems. Furthermore, this malware tried to infect other Xcode projects on the system. Affected developers shared their infected Xcode projects via GitHub, where they were downloaded by other developers.

Previous Post Next Post