Posted on June 14, 2017 at 10:50 AM
News has come out of two dangerous malware targeted against Mac computers being uncovered on the Dark Web, offered via Malware- as-a-service (MaaS) and Ransomware-as-a-Service (RaaS) portals and estimated to have been running for about 3 weeks, starting from May 25.
Initially identified by Bleeping Computer, these two platforms offer software named “MacSpy” and “MacRansome” as services on offer for possible customers, as well as a later assistance that may be required for the software through Motherboard.
This two platforms are the creation of the same software creator, although Fortinet and AlienVault gave the description of the brain behind it as a “novice coder”, backing up this point with traits like the absence of a digitally signed file, this means that the antivirus setups of the macOS would still be notified of a malware invasion.
The researchers termed the macSpy the better coded one, although they said the MacRansom was more deadly owing to its potential to permanently destroy user documents if it users allows it. It should, however, be noted that the process through which this criminal would have to go through before getting the malware would certainly discourage them.
Dark Web portal peddling some sort of (new?) Mac malware pic.twitter.com/02obWvG4mg
— Catalin Cimpanu (@campuscodi) May 25, 2017
The two platforms are said to be closed, which means that any person willing to buy the services would have to first request a trial version after which payment would be discussed. Therefore neither of them seems involved in any distribution campaign.
Therefore, as Mac-focused security research specialist said to Motherboard, the rising resolve of cyber crooks to infiltrate Apple’s systems is a trailblazer in its own way. Ruben Dodge, a security journalist was quoted as saying that macOS and iOS contain so many not so informed individuals using this software and it is simply too appealing for crooks to ignore.
Even though MacRansom and MacSpy are not really projected to take off in that fashion, Mr Dodge was quoted as saying that it is only but a matter of time until some other malware developer or perhaps ransomware does.
It is reported that malware invasion on Mac computers rose up to 744% in the year 2016, even though this percentage was mainly weighted because of adware bundling in software on iMacs and MacBooks, which can be considered to be not as scary as any larger malware bought by a crook on Dark Web. Even with this, Bleeping Computer highlighted in its submission that Mac ransomware has been growing in the past one year.
As a way of precaution, users must only download and install applications from Mac App store, and if an application is only obtainable on a different website developer that can be vouched for. Even though Apple has been shouting at the top of its voice that the Mac is an anti-virus tool, Wardle warns users of Apple to remain alerted online.
Wardle said that Mac users ought not to be too confident and hence they should not conclude that since they are utilising a Mac they are free from any form of threat. Therefore everyone should be smarter for the preservation of the Apple universe.