Following news of Android devices being affected by a dangerous malware looks like Macs are now in the cross-hairs as well. Discovered by Bitdefender Labs, the malware is dubbed as ‘Backdoor.MAC.Eleanor’ and it is embedded into a fake file converter app. Bitdefender researchers say that this malware can “expose Apple systems to cyber-espionage and full, clandestine control from malicious third-parties.”
The fake file converter application is accessible online on reputable websites which offer Mac applications and software. The application named EasyDoc Converter.app hides behind the skin of a file converter, but on downloading it installs a malicious script. The script then installs and registers certain components to system startup. The attacker then anonymously gains access to the control-and-command center from the outside via a Tor-generated address. The attacker can perform activities on the infected device, such as tampering with the file manager, execute commands, send emails with attached files and much more.
Bitdefender Labs, in their report, also says that the malware uses a tool named ‘wacaw’ to capture images and videos from built-in webcams. It also uses a daemon tool to fetch updates and files from the user’s computer or execute shell scripts. Shell scripts are computer programs designed to be run by a command-line interpreter, the Unix shell.
Bitdefender Labs’ Technical Leader, Tiberius Axinte comments on the gravity of the situation – “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.” Since the app is not digitally designed by Apple, he further advises to download applications exclusively from the App store.