macOS 11.4 blocks malware that can take screenshots

Apple released macOS 11.4 in final version and this update is important for security, since it plugs a loophole related to screenshots. Hackers could take screenshots of users’ Macs without their knowledge.

As explained Jamf, this is a 0-day flaw. XCSSET malware could infect Macs and take screenshots in the background. The image was then sent to a remote server to allow hackers to see what is present. It could be sensitive information.

The XCSSET malware was particularly targeted at developers, since it integrated into fake Xcode projects. The user then had to authorize access from the Terminal and via System Preferences. Anyone with common sense knows very well that such an operation is more than suspicious. Unfortunately, some users are falling for this.

Hackers thought of everything while creating the XCSSET malware with… AppleScripts. Thus, it could run on macOS without the operating system being alerted.

According to Jamf, XCSSET has been around since 2020 and its usage has increased in recent times, including a new variant. Hackers could access the Mac’s disk and make a video recording. So you get it: switching to macOS 11.4 is important for security.

This information comes just days after Craig Federighi’s hearing. Apple’s vice president for macOS and iOS noted that the Mac has a lot of malware. He admitted that Apple was not happy with this situation.