Trend Micro has identified an insidious new form of Mac malware that is propagated by injecting itself into Xcode projects before they are compiled as apps.
So good they tried it twice
We’ve seen a similar attack before. The so-called ‘XCode Ghost’ was a malware infested version of Apple’s developer environment that was distributed outside of Apple’s channels. Apps built using the software were preinstalled with malware.
Click here for original story, Xcode becomes vector for new Mac malware attack
Source: Computer World