News of massive malware and ransomware attacks tends to affect the Windows universe much more frequently than other operating systems. The platforms with the highest number of users are always the most targeted by cybercriminals, so it is no coincidence that threats designed for Mac are less numerous. However, the last few years have seen a huge increase in malware created to infect Mac systems, Linux, Android and many other operating systems.

So if you notice that your Mac, your wearables or your other Apple devices are running abnormally slowly, or that processes are consuming an excessive amount of CPU or memory, these may be indications that your device has been infected by some threat and that you may be the victim of a cyberattack.

Threats to Mac systems

▸Zoom

Zoom is a video conferencing application that has recently been widely used because of the current situation. In June it was revealed that it was possible to add users to video calls without permission, with the Mac webcam activated. This was also a “zero-day” threat: the vulnerability had been discovered beforehand and reported to the developer of the software, but after the developer failed to act within the allotted 90 days, the vulnerability was published.

▸GravityRAT

GravityRAT is an infamous Windows Trojan that, among other things, has been used in attacks against the military. According to Kaspersky, it is now also on Mac. The GravityRAT Trojan can load Office files, take automatic screenshots, and record keystrokes.

GravityRAT uses stolen developer certificates to bypass Gatekeeper and trick users into installing what appears to be legitimate software. The Trojan is hidden in copies of various legitimate programs developed with .NET, Python, and Electron.

▸CookieMiner

This threat steals a user’s passwords and login information for their cyber wallets from Chrome, obtains browser authentication cookies associated with cryptocurrency exchanges, and even accesses iTunes backups containing text messages, in order to gather the information needed to bypass two-factor authentication, gain access to the victim’s cryptocurrency wallet and steal their cryptocurrency. Mac users should clear their browser caches after logging into financial accounts.

▸Meltdown and Spectre

The Meltdown and Spectre bugs could allow hackers to steal data. Meltdown involves a “rogue data cache load” and can enable a user process to read kernel memory, according to Apple’s brief on the subject. Spectre, on the other hand, could be either a “bounds check bypass” or a “branch target injection”, according to Apple. It could potentially make items in kernel memory available to user processes. Both can potentially be exploited in JavaScript.

▸NetWire and Mokes

These were described by Intego as backdoor malware with capabilities such as keystroke logging and screenshot taking. They were a pair of Firefox zero-days that targeted those using cryptocurrencies.

