It’s time to update your Apple Mac again, as malware that secretly takes screenshots has been spotted exploiting a serious weakness in macOS security. The flaw could also be abused to record video or access files on Macs, making patching more urgent.

The discovery was made by cybersecurity company Jamf during research into the XCSSET malware, first discovered in 2020. The hackers who created the spyware discovered they could get around a macOS privacy feature known as Transparency, Consent, and Control (TCC). TCC is the feature that raises a flag when an app is doing something that might affect users’ privacy, such as taking photos or recording keystrokes, asking for explicit permission from the user before any action is taken.

The malware coders found a way to hijack other apps’ permissions, ones that have already been approved by the user. For instance, according to Jamf, the malware could create an app within Zoom, the hugely popular videoconferencing app, that would secretly record what’s happening on the screen. Because the malicious app effectively hooked into Zoom, which already had permission to carry out the screen recording, no prompt warning about the action would land on the Mac user’s screen, according to Jamf.

Thus far the hackers have only been seen abusing the flaw to take screenshots, but the same exploit could be abused to pilfer files, record audio over the microphone or take images via the Mac’s camera, Jamf said.

The weakness has been addressed in the latest version of macOS, Big Sur 11.4, released on Monday, Apple confirmed to Forbes. Malware should no longer be able to abuse permissions of other apps as before. Apple also stressed that the issue only affected users who downloaded and ran the malware, and macOS didn’t block it. The company spokesperson added that the safest place to download software was the Apple Mac App Store.

What’s motivating mysterious Apple Mac hackers?

Jaron Bradley, a Mac expert at cybersecurity company Jamf, told Forbes it isn’t yet clear what is motivating the XCSSET hackers. Last August, the malware was seen exploiting unpatched vulnerabilities in macOS via its Xcode development platform. Just this April, it was revealed the malware coders had adapted their tools to work on the latest Apple Macs, including the M1 devices.

“Their backdoor is built with a number of different capabilities, some that are designed to spy on the user, some that focus on the theft of personal files and some that focus on ransomware functionality. It seems they have a variety of interests for the victim systems,” Bradley added.

Whilst the malware isn’t particularly widespread - just under 400 at the last count by cybersecurity firm Trend Micro - it has highlighted another potentially severe weakness in Apple’s desktop operating system.