Macs are more secure than Windows PCs, but they’re not foolproof. Sometimes hackers find a way to infect Apple devices, but most of the time we are the ones who allow it. Apple’s App Store is difficult to break into, so hackers trick people into downloading apps from third-party stores or random websites.
Although these apps look legitimate, they are actually tools to infect your device with malicious software. A recent incident in which North Korean hackers targeted Macs by hiding malware in seemingly innocuous macOS apps highlights this issue.
People working on Mac (Kurt “Cyber Guy” Knutson)
How does malware work?
Recent discoveries by Jamf Threat Labs have revealed a sneaky form of malware that targets macOS computers. It may sound technical, but understanding the basics of how this malware works can help you stay safe online.
The malware hides in seemingly harmless applications, such as a game called Minesweeper and a note-taking app called Notepad. These apps work as expected, but behind the scenes malicious programs can run and allow hackers to take control of your computer.
These apps use a technology called Flutter. This is a commonly used tool for creating apps that work on multiple devices such as phones and computers. Flutter makes it easy for app developers to design software, but its unique structure also helps hackers hide malicious code, making it difficult for experts to detect.
Once installed, the malware connects to a remote server (think of it as a hacker’s command center) to receive instructions. These instructions may include running commands on your computer without your knowledge. One of the tricks this malware uses is to run AppleScript, a type of script built for macOS systems. AppleScript can silently execute commands to steal data or take control of your device.
What’s even scarier is that some versions of this malware were signed and approved by Apple’s security systems before being discovered by experts. This means the hackers were testing how far they could push their plans without arousing suspicion.
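The sketch below is an added example, not code from Jamf or from the original article. It triages a macOS .app bundle for the two traits described above: a Flutter build (the FlutterMacOS.framework directory) and byte strings that suggest the app can run AppleScript. The marker list and the sample bundle are assumptions constructed for the demo, and because compiled Flutter code can hide its strings, an empty result does not prove an app is clean.

```python
import os
import tempfile

# Framework a Flutter macOS build ships under Contents/Frameworks.
FLUTTER_FRAMEWORK = "FlutterMacOS.framework"
# Heuristic byte markers for AppleScript execution (an assumption of this example).
APPLESCRIPT_MARKERS = (b"NSAppleScript", b"osascript")


def triage_app(bundle_path):
    """Report Flutter use and AppleScript markers found inside a .app bundle."""
    contents = os.path.join(bundle_path, "Contents")
    flutter = os.path.isdir(os.path.join(contents, "Frameworks", FLUTTER_FRAMEWORK))
    hits = {}
    for root, _dirs, files in os.walk(contents):
        for name in files:
            path = os.path.join(root, name)
            if os.path.islink(path):
                continue  # skip symlinks so each real file is read once
            try:
                with open(path, "rb") as fh:
                    data = fh.read()  # fine for a sketch; stream large binaries
            except OSError:
                continue
            found = [m.decode() for m in APPLESCRIPT_MARKERS if m in data]
            if found:
                hits[os.path.relpath(path, bundle_path)] = found
    # A Flutter app that can also run AppleScript deserves a closer look.
    return {"flutter": flutter, "applescript": hits, "review": flutter and bool(hits)}


def build_sample_bundle(parent, name, payload):
    """Create a constructed, inert bundle layout for the demo (not a real app)."""
    bundle = os.path.join(parent, name)
    app_fw = os.path.join(bundle, "Contents", "Frameworks", "App.framework")
    os.makedirs(app_fw)
    os.makedirs(os.path.join(bundle, "Contents", "Frameworks", FLUTTER_FRAMEWORK))
    with open(os.path.join(app_fw, "App"), "wb") as fh:
        fh.write(payload)
    return bundle


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        flagged = build_sample_bundle(tmp, "Sample.app", b"\x00osascript -e\x00")
        print(triage_app(flagged))
```

Point triage_app at a downloaded bundle such as an app in your Downloads folder before opening it; a "review" result is a reason to investigate further, not a verdict.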

Woman working on various Apple devices (Kurt “Cyber Guy” Knutson)
Connection with North Korea
This malware is more than just a random cybercrime; it involves tactics and techniques commonly associated with North Korean hackers. Experts identified similarities between the malware and previous attacks linked to North Korea, including the use of specific coding techniques and domains known to be exploited by the country’s cyber teams.
North Korea has a history of using cyberattacks to raise funds for operations and disrupt systems around the world, often targeting financial systems or vulnerable individuals. In this case, the malware appears to be in a testing phase and could lay the foundation for a larger attack in the future.
Apps containing malware are designed to appear harmless. These tactics suggest a focus on deceiving people through social engineering, a technique that North Korean hackers have used in the past.
By embedding malware within apps that look useful or fun, attackers can increase the likelihood that someone will download and use the infected software. Although this particular malware has not yet been associated with active attacks, its association with North Korea’s cyber strategy is a strong indicator of potential future risks.

Woman working on laptop (Kurt “Cyber Guy” Knutson)
5 tips to protect yourself from Mac malware
1) Use reliable antivirus software. A strong antivirus program is your first line of defense against malicious links and malware that can steal your personal information. Don’t click on random links, especially in emails or messages that claim to be urgent or request updates. The best way to protect yourself from malicious links that can install malware and access your personal information is to install antivirus software on all your devices. It can also warn you about phishing emails and ransomware scams, helping you keep your personal data and digital assets safe. Get my picks for the best antivirus protection products of 2024 for Windows, Mac, Android, and iOS devices.
2) Be careful with downloads and links. Download apps only from trusted sources, such as the Mac App Store or official websites of known developers. Hackers often disguise malware as legitimate updates or benign apps.
3) Keep your software up to date. Regular updates for macOS and installed apps are essential for patching security flaws. Apple frequently rolls out updates to address vulnerabilities, so enabling automatic updates helps ensure you stay protected without having to manually check.
4) Use strong and unique passwords. Strong passwords help keep your Mac safe from unauthorized access. Do not reuse passwords between different accounts. A password manager is very helpful here. It generates and stores complex passwords that are difficult for hackers to crack.
It also keeps track of all your passwords in one place and automatically fills them in when you log into your account, so you don’t have to remember them yourself. By reducing the number of passwords you need to remember, you are less likely to reuse them, reducing the risk of a security breach. Learn more about my picks for the best password managers of 2024, reviewed by experts.
5) Enable two-factor authentication (2FA). Activate 2FA for major accounts such as Apple ID, email, and financial services. This adds a second layer of security and makes it much harder for an attacker to access your account, even if they know your password.
Kurt’s key takeaways
We’ve noticed a significant increase in malware hiding in seemingly harmless apps, whether it’s related to Mac, Windows, Android, or even iPhone. This shows that no device, even one made by Apple, is completely secure. Hackers, including those backed by North Korea, are constantly finding new ways to trick users into downloading malicious software. These attacks often go unnoticed because they look like regular, safe apps. As these threats become increasingly sophisticated, it’s more important than ever to stay aware of the risks and be careful about what you download and click.
Do you trust third-party app stores or only use the official app marketplace? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter at Cyberguy.com/Newsletter.
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.