Hack On macOS Allows Attackers To Take Screenshots

Share post:

Hackers have exploited a weakness in updated versions of macOS that allowed them to take screenshots on infected Macs without obtaining victims’ permission.

The zero-day was exploited by XCSSET, a malware discovered last August by TrendMicro, a security firm.

XCSSET used two zero-days to infect Mac developers with malware that stole browser files and cookies.

The malware also injected backdoors into websites, stole data from Skype and other apps, took screenshots, and encrypted files.

The infections came in the form of a malicious project that the hacker wrote for Xcode.

Xcode is a tool that Apple makes available to developers who write apps for macOS or other Apple operating systems.

Once an XCSSET project was opened and built, the malicious code ran on the user’s Mac, according to TrendMicro.

It is unlikely that XCSSET will infect Macs unless it has carried out a malicious Xcode project.

The majority of users should not worry unless they are developers who have used one of the projects.

For more information, read the original story in arstechnica.

SUBSCRIBE NOW

Related articles

CrowdStrike update causes global IT outages, fix is available

Some airlines, banks and government services around the world have been affected by a faulty software update for...

Charges dismissed in SolarWinds hacking case

A judge has dismissed most of the Securities and Exchange Commission's (SEC) fraud charges against SolarWinds related to...

Canadian is among foreign nationals pleading guilty to involvement with Lockbit ransomware

Two foreign nationals have pleaded guilty in the US District of New Jersey to their involvement in the...

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways