Threat warning for simulator files

Hello,


Today I transferred my Xcode project (Xcode Version 11.3.1, 11C504, on macOS 10.15.3) to my MacBook and executed it on the iPhone simulator (before starting, Xcode had installed something additional, which was necessary...).

After that, my antivirus software (Bitdefender) indicated that it deleted two files in CoreSimulator and XCPGDevices with the following note (translated from German into English; except for the file paths, both notes were identical):


"There was an attempt to run an infected file on your device. Name of the threat: Exploit.CVE-2018-0802.Gen". After each path, the note displayed "We have deleted the file to prevent malicious commands from running on your device".


The paths are:


"Users/flfl/Library/Developer/CoreSimulator/Devices/77160783-714B-42A8-B47F-FA666F11D730/data/var/db/uuidtext/AC/EC7DECB4D13762A5C889CBA37A1C8A=>(?)"


and


"Users/flfl/Library/Developer/XCPGDevices/DFDEFE69-D000-41E3-8FB4-4BD2C2AFDCFC/data/var/db/uuidtext/AC/EC7DECB4D13762A5C889CBA37A1C8A=>(?)"

Afterwards I deleted the content of the XCPGDevices folder because I had read somewhere that it would not be harmful to do that.
I read about this exploit that it would be applicable to Windows Office software (Microsoft Office is installed as macOS apps on the MacBook).
Do you know if this is a real threat and if the exploit is potentially applicable to Xcode?
What is the file and its file ending "=>(?)" used for, and is it common? I wonder what can lead to this supposed infection.


Thanks in advance

Replies

My advice is to disable any 3rd party anti-virus tools for the user account associated with your IDE.




My advice is to disable any 3rd party anti-virus tools for the user account associated with your IDE.

Man, that's a terrible idea. You could instead add an exception to Bitdefender, so the antivirus won't scan a particular directory, especially if you are adding / editing a lot of files.
I decided to go for a Bitdefender Box 2 instead and I only install the antivirus on the local machine when I know I'll use my laptop somewhere else than home.



This is extremely likely to be a false positive from your antivirus software.

The directories at ~/Library/Developer/CoreSimulator/Devices/<device-udid> and ~/Library/Developer/CoreSimulator/XCPGDevices/<device-udid> each contain data for an individual simulator device, and the data/var/db/uuidtext subdirectories are used by the unified logging system on each device to persist log data.