Malware can target all sorts of users, from those who might be naive enough to click on suspicious email attachments, to those who think they’re downloading a pirated movie when they might be downloading malware instead, and so on, so it doesn’t really come as a surprise to learn that there might malware out there that targets developers.
According to a report from Sentinel One, it seems that there is a malware making its rounds that targets developers who create apps for Apple’s iOS and macOS platforms. This is because the malware is disguised as an Xcode project called TabBarInteraction. Developers who are downloading the project think that they are downloading the real thing, but when they run it, a malware backdoor is installed instead.
This malware is basically a trojan which means that the hacker will be able to spy on the user through their computer’s webcam, microphone, monitor keystrokes, and also upload and download files to the infected computer remotely. The malware seems to have been dated back to October last year, which means that it has been out for a while now.
For now, as is usually the case with malware, Sentinel One is advising developers to be more careful with Xcode projects that they download, especially those that are shared.