For now, it’s unclear how the malware initially lands in an Xcode project. From there, whenever an infected project is built, the malicious code runs as well. This eventually leads to the malware finding its way onto a system to infect.
Once on an infected system, it is capable of a wide variety of things. It can steal user data from many different apps, take screenshots of the user’s screen, and upload files from the affected system to the hacker’s server. Should the hacker choose to, the malware can also be used to encrypt files on the infected machine and display a ransom note, like typical ransomware. Because this malware spreads during the development of software, its potential to spread is huge, especially considering that code is often shared in repositories like GitHub. Software devs will have to be extra vigilant and thoroughly check the integrity of their projects to stop this particular malware from spreading. (Source: Trend Micro)
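One way to check a project's integrity before building it, as an added example that is not from Trend Micro or the original article: list every Run Script build phase in a `project.pbxproj` and flag any whose script hash is not in a baseline you have already reviewed. The article does not say how the malicious code is attached to the build, so treating Run Script phases as the place to look is an assumption; the function names and the sample project text are constructed for illustration.

```python
import hashlib
import re

# Constructed sample of the Run Script section of a project.pbxproj (not from a real project).
SAMPLE = r'''
/* Begin PBXShellScriptBuildPhase section */
		AA01 /* Lint */ = {
			isa = PBXShellScriptBuildPhase;
			name = Lint;
			shellScript = "swiftlint --strict\n";
		};
		AA02 /* Run Script */ = {
			isa = PBXShellScriptBuildPhase;
			name = "Run Script";
			shellScript = "\"${SRCROOT}/tools/prepare.sh\"\n";
		};
/* End PBXShellScriptBuildPhase section */
'''

# One phase: the isa marker, then (lazily) everything up to its shellScript value.
PHASE_RE = re.compile(
    r'isa = PBXShellScriptBuildPhase;(?P<body>.*?)'
    r'shellScript = (?:"(?P<q>(?:[^"\\]|\\.)*)"|(?P<bare>[^;\s]+));',
    re.DOTALL,
)
NAME_RE = re.compile(r'\bname = (?:"(?P<q>[^"]*)"|(?P<bare>[^;]+));')

def _unescape(value):
    """Undo the backslash escapes of a quoted pbxproj string."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "t": "\t"}.get(m.group(1), m.group(1)), value)

def script_phases(pbxproj_text):
    """Return name, script text and SHA-256 for every Run Script build phase."""
    phases = []
    for m in PHASE_RE.finditer(pbxproj_text):
        m_name = NAME_RE.search(m.group("body"))
        name = (m_name.group("q") or m_name.group("bare")) if m_name else "(unnamed)"
        script = _unescape(m.group("q")) if m.group("q") is not None else m.group("bare")
        digest = hashlib.sha256(script.encode()).hexdigest()
        phases.append({"name": name, "script": script, "sha256": digest})
    return phases

def unreviewed(pbxproj_text, approved_hashes):
    """Phases whose script hash is not in the reviewed baseline."""
    return [p for p in script_phases(pbxproj_text) if p["sha256"] not in approved_hashes]
```

Run `unreviewed()` over the text of each `project.pbxproj` in a checkout, including third-party projects pulled from shared repositories, and read any flagged script before the first build.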