"New Mac Malware Variant Steals Crypto, Encrypts Files: Microsoft Warns Users"

Apple macOS users have been warned of a new variant of malware, XCSSET, which can steal cryptocurrency from their devices. Microsoft Threat Intelligence researchers discovered this updated version of the malware, which was first detected in 2020. The new variant can target data in Apple's Notes app and uses obfuscation techniques to evade detection.

The malware can also encrypt files, raising concerns about potential ransomware attacks. Microsoft has only detected limited attacks involving this new variant so far, but it is sharing information to help organizations protect themselves. The malware is typically spread through infected Xcode projects, which are files used to create apps for macOS.

When XCSSET first emerged, researchers at Trend Micro noted that it primarily targeted developers. The malware had the theoretical capability to manipulate what the end user sees on their browser, potentially modifying or replacing Bitcoin and other crypto addresses. Users are advised to inspect and verify any Xcode projects downloaded or cloned from repositories and only install apps from trusted sources.

The ransomware space is rapidly evolving, with payments to hackers falling 35% in 2024 compared with the year before. However, attackers are starting to shift their tactics by deploying new ransomware strains and asking for payments just hours after data is encrypted. Users and organizations must remain vigilant and take necessary precautions to protect their data and assets.