This dangerous Mac malware can infiltrate your entire system

A newly uncovered malware designed to target Macs has been effective in obtaining access to systems and stealing sensitive data. The discovery was detailed by internet security company ESET, which named the malware CloudMensis because of its reliance on cloud storage services.

A large monitor displaying a security hacking breach warning.Stock Depot/Getty Images

As reported by Bleeping Computer and PCMag, the malware can successfully take screenshots of a user’s system without their knowledge, in addition to registering keystrokes, taking files and documents (even from removable storage devices), and listing emailing messages and attachments. CloudMensis was originally detected by ESET in April 2022.

It makes use of pCloud, Yandex Disk, and Dropbox in order to execute command-and-control (C2) communication. The malware is fairly advanced in the sense that it provides the ability to carry out numerous malicious commands, such as viewing running processes, “running shell commands and uploading the output to cloud storage,” and downloading and opening arbitrary files. While CloudMensis has now been uncovered, the identity of those behind the malware attack remains unknown.

“We still do not know how CloudMensis is initially distributed and who the targets are,” ESET researcher Marc-Etienne Leveille said. “The general quality of the code and lack of obfuscation shows the authors may not be very familiar with Mac development and are not so advanced.

Nonetheless, a lot of resources were put into making CloudMensis a powerful spying tool and a menace to potential targets.”

ESET’s analysis reveals that the threat actors managed to infiltrate their first Mac target on February 4, 2022. Interestingly, CloudMensis has only been used a handful of times to infect a target. Furthermore, the Objective-C coding abilities from the hackers reveals they’re not well-versed in the MacOS platform, according to Bleeping Computer.

A depiction of a hacker breaking into a system via the use of code.Getty Images

When ESET examined the cloud storage addresses that CloudMensis was associated with, the corresponding metadata from the cloud drives revealed “there were at most 51 victims” from February 4 until April, 2022.

Once the malware is executed on the Mac system, CloudMensis is then able to completely evade Apple’s MacOS Transparency Consent and Control (TCC) system without being detected. This feature alerts users to a window where they’ll need to grant specific permission for apps that perform screen captures or monitor keyboard events. By avoiding TCC, CloudMensis can subsequently view the Macs’ screens and associated activity, as well as scan removable storage devices.

In any case, the malware is clearly more on the sophisticated end if it can bypass Mac’s own security measures with such relative ease. And it’s not just Macs that are exposed — PCMag highlights how the malware’s computing code confirms it can also infiltrate Intel-powered systems. “CloudMensis is a threat to Mac users, but its very limited distribution suggests that it is used as part of a targeted operation,” ESET said. “At the same time, no undisclosed vulnerabilities (zero-days) were found to be used by this group during our research.

Thus, running an up-to-date Mac is recommended to avoid, at least, the mitigation bypasses.”

If you own a Mac and want to check for viruses and malware, then be sure to head over to our guide explaining how to do so.

Editors’ Recommendations

Tags:

birch-box listed on couponmatrix.ukdaysoutcom listed on couponmatrix.ukfitflop listed on couponmatrix.uklindy-electronics listed on couponmatrix.uklloydspharmacy listed on couponmatrix.uksimply-paving listed on couponmatrix.uk
birch-box listed on couponmatrix.ukSince 2010 Birchbox have been providing a great new way for beauty addicts to try new brands and products every month. Launched by Katia and Hayley, the main intention was to give customers the opportunity to explore all their options in an affordable way. The result is the now-famous Birchbox - a collection of five makeup items and cosmetics suited to your individual style, hair colour and skin type. Besides their signature box, their website also has a great range of products for you to buy individually, making Birchbox a really innovative way to sample and purchase the products that work for you. Don’t just take our word for it though, go and have a look! Just make sure you check back at Groupon to find the latest Birchbox promo code that will make a bargain of your next beauty product.
daysoutcom listed on couponmatrix.ukHalf-term adventures, unforgettable dates and city staycations start with a visit to daysout.com, where you can find things to do anywhere in the UK. Whether it’ll be London, Birmingham or Edinburgh on the cards, make it a day to remember with affordable tickets for you and the family – our Days Out discount codes can save you money at with Madame Tussauds, the London Dungeon, SEA Life Birmingham, the Magical London Pass and much more. From theme parks and zoos to historical attractions and interactive experiences, there’s no better place than daysout.com for heaps of inspiration and tips for a cheap day out.
fitflop listed on couponmatrix.ukContenders for the unofficial 'brand with the most comfortable shoes in the world' award, Fitflop promises to transform every step with its range of precision ergonomics enhanced footwear. Boasting style, substance and science, slip on a pair for less with an exclusive Fitflop discount code and let your feet feel the difference. Designed by expert biomechanists, Fitflop’s unique triple-density Microwobbleboard mid-sole absorbs shock and diffuses underfoot pressure, so you can feel like you’re walking on air.
lindy-electronics listed on couponmatrix.ukLINDY Electronics is a leading provider of electronic products and accessories. LINDY offers a wide range of products including cables, connectors, adapters, switches, splitters and more. LINDY also provides a voucher code for customers to use when shopping on their website. The LINDY voucher code can be used to get discounts on your purchase. Simply enter the code at checkout to receive the discount. LINDY products are known for their quality and durability, making them a great choice for your electronic needs. So don't wait any longer, head over to LINDY's website and start shopping today! And don't forget to use that LINDY voucher code to get some great discounts. At Groupon, we understand that saving money is important to our customers. That's why we work hard to find the best LINDY Electronics voucher codes. We want you to be able to get the products you need at a price you can afford. So check back often, because we update our deals regularly. And don't forget to use the LINDY voucher code when you shop! It could save you even more money on your purchase. Thanks for choosing Groupon! One of LINDY's top-performing products is their range of cables. LINDY offers a variety of different types of cables, including HDMI, DVI, USB and more. LINDY cables are known for their quality and durability. They also offer a LINDY discount code which can be used to get discounts on your purchase. So if you're looking for a great cable at a great price, then LINDY is the place to shop! And don't forget to use that LINDY voucher code to save even more money. Thanks for choosing LINDY!
lloydspharmacy listed on couponmatrix.ukSince Allan Lloyd first founded his pharmacy back in 1973 it has gone from strength to strength, and today LloydsPharmacy is one of the UK’s leading pharmaceutical chains, with a wide range of products offered at incredible prices. Pick up a LloydsPharmacy discount code today and save yourself some money when the time comes to head to the checkout. From toothpaste to vitamins and moisturiser to deodorant, you’ll find everything you need at LloydsPharmacy.
simply-paving listed on couponmatrix.ukGet your next gardening project off the ground with Simply Paving, the specialist supplier of stone, concrete and porcelain slabs. Pick your choice of block and circular paving, then secure savings on every tile with a Simply Paving promo code. With walls, edgings and finer touches to perfect your ideal outdoor design, you can ensure your vision becomes reality with quality stonework that’s well priced and easy to set.