Xcode Apps with Malware May Be Innocently Added to Mac App Store


Apple’s Mac and iOS App Stores have been in the news often lately, with developers complaining about the 30-percent commission that Apple takes. Alongside that comes the news that developers may be innocently adding apps created with Xcode that contain malware to the Mac App Store. Does this mean the App Store is no longer safe?

Malware Infecting Xcode

Apple claims the 30-percent fee leads to safer apps that they have thoroughly vetted. But a new kind of Mac malware has been spreading its infection through Xcode, a tool developers use to create apps for Macs.

Security researchers Oleksandr Shatkivskyi and Vlad Felenuik at Trend Micro found the malware. It’s part of the XCSSET family and is “an unusual infection injected into Xcode projects.” It can lead to “a rabbit hole of malicious payloads” for Mac users.

This malware can abuse Safari and other browsers and steal data with a vulnerability that reads and dumps cookies and creates backdoors in JavaScript. This can modify displayed websites, steal information and passwords, and block changed passwords.


It can steal information from popular apps, such as Evernote, Notes, Skype, Telegram, QQ, and WeChat. It can also take screenshots, upload files to the server of the attacker, encrypt files, and display a ransom note. In other words, this is powerful malware.

The researchers believe the Xcode malware will become popular among attackers looking to affect Mac systems. The worst part is that it can infect a developer’s projects without them knowing before they pass them along to the App Store.

They believe as well that the malware will work on the new Macs running Apple Silicon, though they did not have access to any to test it.

Are Mac Apps Still Safe?

While Shatkivskyi and Felenuik stress that the App Store review team won’t be able to detect the malware in the apps and that they’ll be passed through, so far that 30-percent fee Apple charges seems to be doing its job.

They shared their concerns with Apple in December 2019 and hope Apple is rectifying the situation. They have suggested Apple could notify users of a potential breach, like the current privacy notifications of iOS 14 and iPadOS 14.


However, the researchers still believe that Apple is a safe operating system. They said, “Apple have [sic] some work to do, but still, macOS is the most secure platform available.”

Shatkivskyi suggested, “In order to stay safe, you have to be somewhat paranoid. Don’t allow any app to record your screen. Also, pay attention to what is running on your Mac,” adding that he only uses licensed software.

As was stressed, they still believe the Apple system is safe. Apple’s hallmark has always been security. So far there aren’t any apps that have been discovered with it, so perhaps Apple is deleting all the apps developed with the Xcode malware.

Read on to find out why Macs may not be as safe as Shatkivskyi and Felenuik claim, after Macs had more malware detections than PCs in 2019. Let us know in the comments if you have downloaded a malicious Mac app.

Laura Tucker

Laura has spent nearly 20 years writing news, reviews, and op-eds, with more than 10 of those years as an editor as well. She has exclusively used Apple products for the past three decades. In addition to writing and editing at MTE, she also runs the site's sponsored review program.
