Macs Targeted by Windows, Linux Spyware
September 15, 2016
Seid Yassin (557 articles)

Macs Targeted by Windows, Linux Spyware

The old “Macs don’t get viruses” chestnut hasn’t been true for years, if it ever was. But Apple aficionados can take a small measure of comfort in the fact when they’re under attack by malware, they’re often not alone.

The Mokes.A malware, first discovered back in January for Windows and Linux, has now been found to go after Macs as well. While it’s a potentially very harmful program, though, it’s also fairly easy to remove.

Securelist, a site run by Moscow-based security firm Kaspersky Labs, shared information about the newly discovered OS X malware, which it called “the missing piece.” Back in late January, researcher Stefan Ortloff wrote about Mokes.A for Linux and Windows, and predicted that an OS X version could be forthcoming. It took more than seven months to find it, but Ortloff was right.

As for Mokes.A itself, not much has changed since Ortloff first wrote about it. It’s self-replicating spyware that can take continuous screenshots, rifle through Microsoft Office documents, access photos and videos, record keystrokes and then send everything back to a command-and-control server for whichever cybercriminals or state-sponsored hackers may be running the operation. The Mac version sets itself up in folders for the App Store, Spotlight Helper, the Dock, Skype, Chrome, Firefox and Dropbox.

The most interesting thing about this fairly sophisticated, but otherwise unremarkable, malware is that it affects Mac OS X, Windows and Linux alike. (But it’s not the first time we’ve seen Linux malware repurposed to attack OS X.)

To make matters worse, the infection vector is not clear. Ortloff mentions that Mokes.A comes packed in an executable file, but hazards no guesses as to where the malware hides out online, nor who might be behind it.

If you do somehow get infected with Mokes.A, the Kaspersky Labs antivirus software can find and destroy it. But as of this writing (Sept. 8), only half a dozen other malware-detection agents could. Many others will catch up over the next few days.

Source | tomsguide