APT28, the Russian hacking group tied to last year's interference in the 2016 presidential election, has long been known for its advanced arsenal of tools for penetrating Windows, iOS, Android, and Linux devices.
Now, researchers have uncovered an equally sophisticated malware package the group used to compromise Macs. Like its counterparts for other platforms, the Mac version of Xagent is a modular backdoor that can be customized to meet the objectives of a given intrusion. Capabilities include logging passwords, snapping pictures of screen displays, and stealing iOS backups stored on the compromised Mac.
Security researchers have discovered a rare piece of Mac-based espionage malware that relies on outdated coding practices but has been used in some previous real-world attacks to spy on biomedical research center computers.
Dubbed Fruitfly, the malware has remained undetected for years on macOS systems despite using unsophisticated and "antiquated code." According to the researchers, the recently discovered malware, which they call "the first Mac malware of 2017," contains code that predates OS X and has reportedly been conducting detailed surveillance operations on targeted networks, possibly for over two years.
Mac OS users running Safari are falling victim to a tech support scam that can freeze their computer, according to a Thursday post on the MalwareBytes Labs blog. Similar previous campaigns have used fake alerts notifying victims that something is wrong with their computer, prompting them to reach out for tech assistance.
By clicking on a phony site, or by calling a phony assistance number, the victim can then authorize attackers to gain control of their machine. One version of this scam, which targeted the browser, was dubbed a browlock. Another, which actually loaded malware onto devices, was termed a screen locker.
A notorious cyberespionage group with suspected links to Russian intelligence has developed a complex piece of malware designed to infect computer systems running Apple OSX.
The hackers, dubbed Sofacy Group by the California-based experts, have been given many titles over the years by analysts including Fancy Bears, APT28 and Pawn Storm. It is the same group believed to have infiltrated the Democratic National Committee earlier this year. Experts explained how the Trojan – called 'Komplex' – does not exploit an Apple security flaw but instead takes hold via extremely targeted spearphishing tactics.
The first known ransomware attack on Apple Inc's Mac computers, which was discovered over the weekend, was downloaded more than 6,000 times before the threat was contained, according to a developer whose product was tainted with the malicious software.
Hackers infected Macs with the "KeRanger" ransomware through a tainted copy of Transmission, a popular program for transferring data through the BitTorrent peer-to-peer file sharing network. So-called ransomware is a type of malicious software that restricts access to a computer system in some way and demands the user pay a ransom to the malware operators to remove the restriction.
An examination of a new OS X malware sample suggests the Italian exploit seller may be up to its old tricks. A recently discovered Apple Mac OS X malware sample has raised speculation that exploit seller Hacking Team is returning to the market after a disastrous cyberattack.
In July 2015, Italian firm Hacking Team, a provider of surveillance tools, malware and spyware to government, law enforcement and intelligence agencies worldwide, experienced a catastrophic data breach after a cyberattacker compromised their servers and managed to steal 400GB of corporate data.
Cybercriminals are increasingly targeting Apple devices and 2016 will see a rise in attacks on its operating systems, security experts suggest. According to security firm Symantec, the amount of malware aimed at Apple's mobile operating system has more than doubled this year, while threats to Mac computers also rose.
Security firm FireEye also expects 2016 to be a bumper year for Apple malware. Systems such as Apple Pay could be targeted, it predicts. Apple is an obvious target for cybercriminals because its products are so popular, even though the total number of threats targeting Apple devices remains low compared with Windows and Android.
With the launch of iOS 9, Apple gave us a compelling reason to upgrade our Apple devices to its new operating system. The latest iOS 9 includes a security update for a nasty bug that could be exploited to take full control of your iPhone or Mac, prompting most Apple users to download the latest update.
Australian security researcher Mark Dowd has disclosed a serious vulnerability in AirDrop, Apple's over-the-air file sharing service built into iOS and Mac OS X. The vulnerability allows anyone within range of an AirDrop user to silently install a malicious app on a target Apple device by sending an AirDrop file, an attack that involves rebooting the target device.
Back in July, a security researcher disclosed a zero-day vulnerability in Mac OS X that allowed attackers to obtain unrestricted root user privileges with the help of code that even fits in a tweet.
Exploitation of the same vulnerability has now resurfaced against Mac OS X machines, even after Apple fixed the issue last month. The privilege-escalation bug was previously used to circumvent security protections and gain full control of Mac computers. The vulnerability allowed attackers to install malware and adware onto a target Mac without requiring victims to enter system passwords.
A security researcher published the details of a vulnerability in OS X a couple of weeks ago that allows an attacker to gain root privileges. Most people, though, are probably more interested in what the vulnerability is and how it might affect them.
The problem is a root privilege escalation bug. Every Unix system, and OS X is no exception, has many hidden users defined by the system, besides the one or more that the average person is aware of. The root user is the highest of these, the one and only user that has access to everything. For this reason, access to the root user is tightly controlled. An attacker with root privileges can literally do anything to your system.