MILLIONS of Apple users have been warned to delete “very malicious” malware that’s stealing their credentials, copying keystrokes, and even recording screenshots, experts warned.
A cyber threat intelligence agency flagged the disturbing issues for millions of Americans who own Macs, noting that “it’s imperative that every single user check for these malicious files and delete them right away.”
Check Point’s Ekram Ahmed pointed out that it’s not the usual Mac malware landscape, while the firm’s head of cyber research Yaniv Balmas told Forbes that it’s “fully-fledged malware” of malicious intent and functionality.”
The malware can harvest “credentials from various web browsers, collecting screenshots, monitoring and logging keystrokes, and downloading and executing files according to the orders received from Command-and-Control (C&C) servers.”
Unfortunately, it includes “tricks” that make it hard for analysts to probe it and Forbes noted that it stems from notorious Formbook malware as a service.
Rebranded as Xloader last year, it’s been “prolific” in the last six months in “targeting not just Windows, but to our surprise, also Mac users” – and experts predict that it will only get worse
Ahmed said: “The malware moves much faster and deeper, compared to its predecessor.
“I expect the malware to continue to evolve in more virulent ways by the end of the year.”
Check Point analysts also flagged the “big misconception with Mac users” about security and just assuming they’re malware-free.
“From a technical perspective, there is no real barrier,” Balmas said.
“It’s just a decision by the ‘bad guys.’ Once they enter the Mac ecosystem, there’s no stopping them—and if users are very naive and unsuspecting, that might actually result in serious damage.”
MALWARE FOR SALE
In its explosive report, Check Point noted that hackers can buy malware licenses for just $49, enabling them to “harvest log-in credentials, collect screenshots, log keystrokes, and execute malicious files.”
To avoid being targeted by the invasive malware, users should check the LaunchAgents directory in their library “suspicious” filenames. D
If you find any – e.g. “com.wznlVRt83Jsd.HPyT0b4Hwxh.plist” – delete it immediately.
Running a reputable antivirus software package on your Mac is also advisable.
Back in May, Apple said: “We have a level of malware on the Mac that we don’t find acceptable.”
Balmas also advised users not to open attachments from unknown accounts and be very wary of random links in emails or messaging apps, according to Forbes.
“As Macs become more common so the cybercrime focus increases—it’s a good source of income, and protections are far less mature than Windows,” he said.