Tech News: Crypto-stealing malware are already targeting Apple M1 Macs.
Researchers have discovered a new variant of the XCSSET malware that targets M1-powered Macs in an attempt to steal data from cryptocurrency app. XCSSET malware was first discovered in August 2020 within developers’ Xcode projects. Xcode is a free integrated development environment (IDE) used by developers on macOS to build applications for iPhone, iPad, Mac, Apple Look and Apple TV.
Kaspersky revealed in March that XCSSET had been updated to target Apple’s custom silicon, and Trend Micro has since warned that the malware is now able to bypass the security features introduced with macOS Big Sur, such as the operating system requirement that any executable file being executed must be signed.
“To protect systems from this type of threat, users should only download apps from official and legitimate markets, “the security company said.
The malware also attempts to steal account information from multiple cryptocurrency trading platforms, including Huobi, Binance, NNCall.net, Envato, and 163.com, with the ability to replace the address in a user’s cryptocurrency wallet with one under the hacker’s control.
The fact that XCSSET is now targeting cryptocurrency comes as no surprise, as the value of digital currencies like Bitcoin, Ethereum, and Dogecoin has increased dramatically in recent months.
It is equally unsurprising that i MacBook M1 are the ultimate target of malware. Although Apple introduced its first Mac M1s only in November, with the ARM-based chip currently limited to the latest models of MacBook Air, MacBook Pro and Mac mini, the company said it plans to completely ditch Intel by the end of 2022.
The Mac has also already been targeted by malware; Researchers discovered a long-standing M1 version of the Pirrit virus in February, and a few weeks later it was revealed that the Silver Sparrow malware also worked Apple’s modified silicone.