4 Mac Malware Finds in 2022

Mac malware in 2022: An overview of four important macOS malware variants found in 2022 and tips on staying safe.

December 27, 2022 • 6 min read
FinSpy spyware for macOS discovered

Researchers at Amnesty International have just announced the discovery of FinSpy spyware variants that target macOS and Linux users. In this article, we’ll tell you what they found, share some technical details uncovered by Amnesty’s malware analysts, and explain what it means for security and privacy.

What is FinSpy?

FinSpy is commercial spyware, produced by a private company and sold to law enforcement and intelligence agencies around the world. There are (arguably) legitimate uses of such monitoring software, for example in criminal and anti-terrorism investigations; however, FinSpy’s manufacturers have come under fire …

October 2, 2020 • 6 min read
XCSSET: New Mac malware infects Xcode projects

Security researchers have discovered an interesting new variety of macOS malware that spreads by attacking Xcode projects. It’s called XCSSET, and in this article, we’ll tell you what you need to know about this unusual threat in order to stay safe.

What is XCSSET?

XCSSET is a suite of malicious components that spreads through infected Xcode projects.

Xcode is a tool used by app developers to write software for Apple platforms. An Xcode “project” simply refers to the repository of files, information, and resources that are used to build an app for deployment.

If …

August 18, 2020 • 5 min read
LightSpy: APT malware for iOS

Security researchers have discovered a new form of iOS malware that they’ve dubbed LightSpy affecting both iOS and Android.

March 30, 2020 • 3 min read
New fileless malware for macOS linked to Lazarus Group

The new malware sample bears similarities to the well-known AppleJeus malware, which targets cryptocurrency exchanges. AppleJeus is the product of Lazarus Group, a shadowy cybercrime organization believed by many to be linked to North Korea.

December 10, 2019 • 6 min read
Police Can Now Access iPhone Data Using a Secretive Piece of Hardware

For several years now, a fierce debate has raged over how much access law enforcement organizations (LEOs) should be able to have to the mobile devices of those suspected of a crime. The issue made nationwide headlines after the San Bernardino attacks in 2015, when the FBI grappled with how to break into an iPhone used by one of the perpetrators. While the FBI did eventually retrieve device data by utilizing an unknown group to gain access to the phone’s encrypted contents, law enforcement agencies, in general, have maintained that they must have a “backdoor” to access info secured by your iPhone passcode. Apple has steadfastly refused to give in to such demands, but it appears that for now, those refusals don’t matter: LEOs can now use a pricey piece of hardware called GrayKey.

March 22, 2018 • 3 min read
Recent Downloads from Eltima Software Were Infected with Malware

If you recently downloaded Elmedia Player or Folx—two Mac OS X programs from German-based developer Eltima Software—then your Mac may be infected with malware. According to a report from ZDNet, hackers recently managed to breach the Eltima Software servers. The hackers bundled Elmedia Player and Folx with a Mac OS X Trojan called Proton.

Elmedia Player is a popular media player app that Eltima says is capable of recognizing “any file format you probably may think of.” The app also allows for HD video playback with no slowdowns and …

October 30, 2017 • 3 min read
Ransomware Attacks Target Apple Users Via iCloud

A recent rash of ransomware attacks has left some Apple users locked out of their Mac computers and iOS devices. The nature of the attacks led some users to wonder if Apple itself had suffered some kind of hack. The good news is that the situation does not appear to be an Apple hack. The bad news is that hackers have somehow managed to get their hands on login credentials for some users.

Hackers are attacking users by logging into their iCloud accounts and enabling the “Find My iPhone” function. …

October 27, 2017 • 3 min read
Another Ransomware Attack Spreads Around the Globe

At the end of June, the world awoke to another widespread ransomware attack locking down machines across the globe. This time, the bulk of the attack centered on Ukraine, although countries such as Germany, the UK, and the USA also saw infections. Initially, the media reported that this was an attack executed by ransomware known as “Petya.” Petya was originally discovered and detailed back in 2016, spreading through infected emails and employing the typical demand of a ransom paid in Bitcoin.

The attacks of June 27, however, were very …

July 15, 2017 • 2 min read
WannaCry Locked Down Australian Traffic Cameras, Caused Voided Citations

Do you think that ransomware attacks only affect personal computers and business systems? Think again — the recent widespread infections caused by the WannaCry ransomware touched more than just hospitals in the UK and unpatched Windows PCs. In the Australian state of Victoria, hundreds of traffic cameras, meant to enforce speed limits, were knocked offline after the malware infected the system. Rather than having its data encrypted for ransom, the system became locked in a continuous cycle of rebooting.

Because of the infection, police in Victoria announced that they would …

July 14, 2017 • 2 min read