
Communications of the ACM

ACM TechNews

Booby-Trapped Sites Delivered Potent Backdoor Trojan to macOS Users



With DazzleSpy installed, Macs become fully backdoored. The malware encrypts its communications with a control server and accepts at least 21 different commands.

Credit: Getty Images

Researchers at Slovak Internet security company ESET have uncovered macOS malware installed by exploits that were almost impossible for most users to detect or halt once they visited a malicious website.

The DazzleSpy malware is a full-featured backdoor trojan written from scratch to enable hackers to monitor and control infiltrated Macs.

ESET's Marc-Etienne M. Léveillé said the malware's refinement and the apparent absence of a corresponding version for Windows suggest its creators are targeting Macs exclusively.

He added that on unpatched systems, DazzleSpy would start running with administrative privileges without the victim realizing it.

Threat analysis researchers at Google who first discovered DazzleSpy's exploits said the hackers are likely state-financed, "with access to their own software engineering team based on the quality of the payload code."

Apple said it has patched the flaws exploited by this attack.

From Ars Technica

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


 
