Tag Archive for: Mac

This new macOS backdoor lets hackers take over your Mac remotely — how to stay safe


Hackers are beefing up their efforts to go after the best MacBooks as security researchers have discovered a brand new macOS backdoor which appears to have ties to another recently identified Mac malware strain.

As reported by SecurityWeek, this new Mac malware has been dubbed SpectralBlur and although it was uploaded to VirusTotal back in August of last year, it remained undetected by the best antivirus software until it recently caught the attention of Proofpoint’s Greg Lesnewich.

In a blog post, Lesnewich explained that SpectralBlur has similar capabilities to other backdoors as it can upload and download files, delete files and hibernate or sleep when given commands from a hacker-controlled command-and-control (C2) server. What is surprising about this new Mac malware strain though is that it shares similarities to the KandyKorn macOS backdoor which was created by the infamous North Korean hacking group Lazarus.

Just like SpectralBlur, KandyKorn is designed to evade detection while providing the hackers behind it with the ability to monitor and control infected Macs. Although different, these two Mac malware strains appear to be built based on the same requirements.

Once installed on a vulnerable Mac, SpectralBlur executes a function that allows it to decrypt and encrypt network traffic to help it avoid being detected. However, it can also erase files after opening them and then overwrite the data they contain with zeros.

Mac malware is on the rise

If you thought your Mac was safe from hackers and malware, I’ve got bad news for you. Cybercriminals may have preferred Windows machines in the past but now that Apple’s computers have seen a surge in popularity over the past few years, they’ve become a much more valuable target.

According to a blog post from the non-profit Objective-See (via The Hacker News), 21 new malware strains designed to target macOS were discovered in 2023 alone. This is a significant increase compared to the previous year when only 13 Mac malware strains were identified.

As such, expect to see even more Mac malware this year as hackers and other cybercriminals have seen firsthand just how valuable it can be targeting Apple’s computers over the best…


Here’s how to protect your Mac


There’s a new macOS turtle ransomware in town. You don’t need to hide in your digital shell, but you might want to take it slow and avoid having your Mac compromised.

This new macOS ransomware was discovered and analyzed a few days ago by Objective-See (via AppleInsider), and it’s one of those attacks you should be aware of. Still, it’s no reason to change your habits – if you know how to navigate online.

Internal references in the analyzed data show the hackers call this attack “Turtlerans,” “TurnmiRansom,” and “TurtleRansom,” so BGR isn’t inventing a name for this malware. As expected, it works with Windows and Linux and was recently ported to macOS.

Objective-See goes way deep in the malware, but long story short, your Mac should probably block a possible attack, as you need to actively let it work on your computer. If the attack is successful, here’s what happens: “It reads it into memory, encrypts it with AES (in CTR mode), renames the file, then overwrites the file’s original contents with the encrypted data. Pretty standard ransomware logic,” the blog post reads.

Interestingly, this turtle ransomware is also pretty easy to decrypt (I mean, if you know, you know). That said, the reason to be concerned about this malware is more about the fact that the authors have set their sights on macOS rather than having your files stolen at this moment.

How to protect yourself from this macOS turtle ransomware?

First and foremost, the publication praises Apple for implementing technologies to protect OS-level files. So, if you have an Apple silicon Mac, your computer is even more protected against attacks that aim at the system’s core files.

In addition, to protect yourself, just make sure to download software and files from places you trust, such as the Mac App Store, directly from developers or websites you know. Before this ransomware attacks, it will ask for access to your files. So, if you’re not sure what you’re downloading – or…


Jamf uncovers new Mac malware linked to known hacking group



Jamf Threat Labs has discovered a new malware strain that appears to be connected to BlueNoroff, a group that often attacks businesses in the financial sector.

The discovery came about during Jamf’s regular security checks. They found software for Mac computers secretly connecting to a known malicious internet domain, although Jamf didn’t mention a particular program that Mac users should be aware of.

What made the find particularly intriguing was that this software was not recognized as a threat by VirusTotal, a popular website used to check suspicious files, at the time of uploading by Jamf.

The program is cleverly disguised, using a digital signature that initially appears legitimate. It communicates with a server that, while appearing to be associated with a legitimate cryptocurrency platform, is controlled by the attackers.

BlueNoroff signature move

The method of operation aligns with the BlueNoroff group’s established strategies. These typically involve creating counterfeit domains that mirror reputable companies, which helps them evade detection and entice their targets.

The fraudulent domain was set up in late May 2023, and the malware uses it to send and receive information. Jamf’s analysis revealed that while they were investigating, the server behind the domain stopped responding, possibly because the attackers became aware of the scrutiny.

Further analysis by Jamf indicated that the malware was designed using Objective-C, a programming language used for Mac software. The malware acts like a remote control for the infected computer, allowing the attackers to send commands and control the system after they have breached it.

Upon activation, the malware sends a signal to the attacker-controlled domain, disguising its communications as regular internet traffic. It also collects and sends information about the infected computer, such as the version of the macOS operating system it is running.

Despite its simplicity, the malware is effective and aligns with BlueNoroff’s approach of…


Malwarebytes for Mac Premium – Review 2023


Years of Mac commercials touted the concept that PCs get viruses, but Macs don’t. In the real world, Macs are an attractive target for malware coders. Perhaps not as inviting a target as PCs or Android devices, but there’s no question that Mac-specific malware exists. Going without Mac antivirus protection is just a bad idea. Malwarebytes has a reputation for wiping out malware even when other utilities fail, but the Mac edition doesn’t have lab test reports to back that up. One independent lab labels Norton 360 Deluxe for Mac a top product, while Bitdefender Antivirus for Mac holds near-perfect scores from two labs. If independent verification is important to you, one of these two Mac antivirus programs may suit you better.


How Much Does Malwarebytes for Mac Premium Cost?

Just under $40 per year is a common price for a single year’s antivirus subscription, for both Windows and macOS editions. A third of the Mac antivirus utilities I follow hit this mark. Malwarebytes is just a little higher, at $44.99 per year, but at the three-license level, it aligns with the rest. Half of the macOS antivirus utilities that offer a three-license subscription charge between $55 and $60; Malwarebytes goes for $59.99 at the three-license level.

Paying $79.99 per year gets you five licenses. With multi-device subscriptions, you can install Malwarebytes on Macs or Windows boxes, your choice. Note that at the three- and five-device tiers, an extra $20 per year gets you the Malwarebytes Privacy VPN.

With Norton, you pay $114.99 per year for five licenses. You get VPN protection with no bandwidth limits at this level, along with a full panoply of other security suite features. McAfee AntiVirus Plus for Mac charges $64.99 per year, but that license lets you install protection on all your macOS, Windows, Android, iOS, and ChromeOS devices. As you can see, there’s a lot of variation in pricing.

No money in the budget for Mac antivirus? No problem! You can install and run Avast,…
