Attackers are trying awfully hard to backdoor iOS developers’ Macs

by
Dan Goodin
from Ars Technica - All content on (#5FGN9)
mac-800x534.jpg

Enlarge (credit: Jayson Photography / Getty Images)

Researchers said they've found a trojanized code library in the wild that attempts to install advanced surveillance malware on the Macs of iOS software developers.

It came in the form of a malicious project the attacker wrote for Xcode, a developer tool that Apple makes freely available to developers writing apps for iOS or another Apple OS. The project was a copy of TabBarInteraction, a legitimate open source project that makes it easier for developers to animate iOS tab bars based on user interaction. An Xcode project is a repository for all the files, resources, and information needed to build an app.

Walking on eggshells

Alongside the legitimate code was an obfuscated script, known as a Run Script." The script, which got executed whenever the developer build was launched, contacted an attacker-controlled server to download and install a custom version of EggShell, an open source back door that spies on users through their mic, camera and keyboard.

Read 14 remaining paragraphs | Comments

index?i=S28MsDjdGNQ:vT6f3l8Rvjk:V_sGLiPB index?i=S28MsDjdGNQ:vT6f3l8Rvjk:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments