Your Mac Could be In Danger from New Malware

Researchers have discovered new exploits that could gain access to your files, passwords, and webcam.

Getty Images / Justin Sullivan

It might be time to install antivirus software on your Mac — or to at least use Apple’s recommended security settings instead of opening yourself up to attack.

On July 6, Bitdefender revealed a new backdoor called Eleanor that allows hackers to snoop around your files and capture images or videos from your Mac’s webcam. Eleanor spreads with an “app” called EasyDoc Converter that claims to offer drag-and-drop file conversion but really just installs the malware.

Eleanor is “particularly dangerous as its hard to detect and offers the attacker full control of the compromised system,” said Bitdefender Antimalware Lab technical leader Tiberius Axinte. “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.

Some people put tape on their webcam to avoid surveillance from intelligence agencies and police departments. Now perhaps the built-in spyglasses should be covered to defend against malware like Eleanor.

Another newly-discovered piece of malware was revealed by ESET on July 6. It’s called Keydnap, and it was built to steal information from the Keychain app built-in to every Mac that is used to store website logins, WiFi network passwords, and other information most people want to keep safe.

“There are a few missing pieces to this puzzle,” said ESET malware researcher Marc-Etienne M.Léveillé. “We do not know at this point how Keydnap is distributed. Nor do we know how many victims there are out there.” But it’s clear that Keydnap is out in the wild and — whether it’s distributed via spam messages, sketchy downloads, or some other method — affecting unsuspecting Mac users.

Eleanor and Keydnap can both be blocked by using Gatekeeper, a tool that automatically stops programs that aren’t downloaded from developers trusted by Apple from opening. Gatekeeper is enabled by default, but it can be disabled, often because someone wants to use software made by developers that haven’t been sanctioned by Apple. (Or they just prefer not to be warned whenever they first open an app downloaded from somewhere other than the Mac App Store.)

Gatekeeper isn’t foolproof but it’s better than leaving your Mac totally unprotected. And it might be worth looking into a webcam cover anyway — you never know who might be using it to watch every move you make in front of your computer. Do you really want to give Eleanor the satisfaction?

Related Tags