{"id":102363,"date":"2025-02-18T21:04:55","date_gmt":"2025-02-18T21:04:55","guid":{"rendered":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/"},"modified":"2025-02-18T21:04:55","modified_gmt":"2025-02-18T21:04:55","slug":"microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks","status":"publish","type":"post","link":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/","title":{"rendered":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks"},"content":{"rendered":"<div>\n<p>Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020.<\/p>\n<p>The variant, which Microsoft <a href=\"https:\/\/x.com\/MsftSecIntel\/status\/1891410993265123662\">reported Monday<\/a>, marked the first publicly known update to the malware since 2022. The malware first came to light in 2020, when security firm Trend Micro <a href=\"https:\/\/documents.trendmicro.com\/assets\/pdf\/XCSSET_Technical_Brief.pdf\">said<\/a> it had targeted app developers after spreading through a publicly available project the attacker wrote for Xcode, a developer tool Apple makes freely available. The malware gained immediate attention because it exploited what, at the time, were two zero-day vulnerabilities, a testament to the resourcefulness of the entity behind the attacks.<\/p>\n<p>In 2021, XCSSET surfaced again, first when it was used to <a href=\"https:\/\/arstechnica.com\/gadgets\/2021\/03\/attackers-are-trying-awfully-hard-to-backdoor-ios-developers-macs\/\">backdoor developers\u2019 devices<\/a> and a few months later when researchers found it <a href=\"https:\/\/arstechnica.com\/gadgets\/2021\/05\/hackers-exploit-a-macos-0day-that-allows-them-to-screenshot-infected-macs\/\">exploiting<\/a> what at the time was a new zero-day.<\/p>\n<p><a href=\"https:\/\/arstechnica.com\/security\/2025\/02\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/\">Read full article<\/a><\/p>\n<p><a href=\"https:\/\/arstechnica.com\/security\/2025\/02\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/#comments\">Comments<\/a><\/p>\n<\/div>\n<p class=\"wpematico_credit\"><small>Powered by <a href=\"http:\/\/www.wpematico.com\" target=\"_blank\">WPeMatico<\/a><\/small><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020. The variant, which Microsoft reported Monday, marked the first publicly known update to the malware since 2022. The malware first came to light in 2020, when security firm Trend Micro said it had targeted app developers after spreading through a publicly available project the attacker&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[241],"tags":[],"class_list":["post-102363","post","type-post","status-publish","format-standard","hentry","category-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com\" \/>\n<meta property=\"og:description\" content=\"Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020. The variant, which Microsoft reported Monday, marked the first publicly known update to the malware since 2022. The malware first came to light in 2020, when security firm Trend Micro said it had targeted app developers after spreading through a publicly available project the attacker...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/\" \/>\n<meta property=\"og:site_name\" content=\"UshopWell.com\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-18T21:04:55+00:00\" \/>\n<meta name=\"author\" content=\"UShopWell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"UShopWell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/\"},\"author\":{\"name\":\"UShopWell\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\"},\"headline\":\"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks\",\"datePublished\":\"2025-02-18T21:04:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/\"},\"wordCount\":155,\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"articleSection\":[\"Technology\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/\",\"name\":\"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\"},\"datePublished\":\"2025-02-18T21:04:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"name\":\"UshopWell.com\",\"description\":\"The Premiere Online Marketplace\",\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\",\"name\":\"UshopWell\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"contentUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"width\":365,\"height\":359,\"caption\":\"UshopWell\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\",\"name\":\"UShopWell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"caption\":\"UShopWell\"},\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/author\\\/kburnettu\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com","og_description":"Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020. The variant, which Microsoft reported Monday, marked the first publicly known update to the malware since 2022. The malware first came to light in 2020, when security firm Trend Micro said it had targeted app developers after spreading through a publicly available project the attacker...","og_url":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/","og_site_name":"UshopWell.com","article_published_time":"2025-02-18T21:04:55+00:00","author":"UShopWell","twitter_card":"summary_large_image","twitter_misc":{"Written by":"UShopWell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/#article","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/"},"author":{"name":"UShopWell","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc"},"headline":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks","datePublished":"2025-02-18T21:04:55+00:00","mainEntityOfPage":{"@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/"},"wordCount":155,"publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"articleSection":["Technology"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/","url":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/","name":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks - UshopWell.com","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/#website"},"datePublished":"2025-02-18T21:04:55+00:00","breadcrumb":{"@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ushopwell.com\/ublog\/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ushopwell.com\/ublog\/"},{"@type":"ListItem","position":2,"name":"Microsoft warns that the powerful XCSSET macOS malware is back with new tricks"}]},{"@type":"WebSite","@id":"https:\/\/ushopwell.com\/ublog\/#website","url":"https:\/\/ushopwell.com\/ublog\/","name":"UshopWell.com","description":"The Premiere Online Marketplace","publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ushopwell.com\/ublog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/ushopwell.com\/ublog\/#organization","name":"UshopWell","url":"https:\/\/ushopwell.com\/ublog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/","url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","contentUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","width":365,"height":359,"caption":"UshopWell"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc","name":"UShopWell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","caption":"UShopWell"},"url":"https:\/\/ushopwell.com\/ublog\/author\/kburnettu\/"}]}},"_links":{"self":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/102363","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/comments?post=102363"}],"version-history":[{"count":0,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/102363\/revisions"}],"wp:attachment":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/media?parent=102363"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/categories?post=102363"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/tags?post=102363"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}