New Mac malware in the wild, Backdoor.MAC.Elanor – can steal data, execute code, control webcam

After the first ever example of Mac ransomware was found in the wild earlier this year, Bitdefender Labs has found what it tells us is only the second example of true Mac malware to enter circulation this year, which it has dubbed Backdoor.MAC.Elanor. The app is available on a number of (formerly?) reputable download sites such as MacUpdate.

The backdoor is embedded into a fake file converter application that is accessible online on reputable sites offering Mac applications and software. The EasyDoc Converter.app poses as a drag-and-drop file converter, but has no real functionality – it simply downloads a malicious script.

This is a nasty backdoor that can steal data, execute remote code and access the webcam, among other things …

 

Malwarebytes director Thomas Reed has reportedly advised MacUpdate that the malware is present on its site, but as the time of writing it had not yet been removed.

Bitfender’s technical lead Tiberius Axinte says that there is no real limit to what Backdoor.MAC.Elanor can do.

This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system. For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.

The good news is that the malicious app is not signed by an Apple Developer ID, so as long as you have your Mac set only to open apps from the Mac App Store or known developers, it won’t open. It does, though, emphasize the importance of exercising caution even when downloading apps from reputable sites.

Bitfender has promised more technical details of the malware later this morning.

 

-9to5mac-

Vienici a trovare, cerca la CLINICA®IPHONE più vicino a te

logo_clinica_iphone_bn

App

Siamo Social

CLINICA®IPHONE è ® 2008 - 2021 - Tutti i diritti riservati. Dr Adriano-Mac Repair è ® 2008 - 2021 - Tutti i diritti riservati. CLINICA®IPHONE 2008 - 2021 è un marchio di fatto e di insegna. iPhone, iPad, iTunes, Apple TV, Macintosh e il logo Apple sono marchi di Apple Inc. Questo sito non è in alcun modo affiliato con Apple Inc. Non siamo un Apple Stores, non siamo un Apple Retail.

Accettiamo Pagamenti anche con

loghi_carte_gray

Copyright © 2021 CLINICA®IPHONE - Next s.r.l. - P. IVA 12168701006 - Privacy Policy - Note Legali - Codice Etico

× Contattaci su WhatsApp!