New macOS malware lets attackers record your screen: How to protect your Mac
The malware was able to access the microphone, webcam as well as screen-recording — while bypassing Apple’s requirement to ask the user for permission.
Earlier this month, Apple released important security fixes for its macOS operating system to fix a massive security flaw that would let malware easily bypass many of the company’s security restrictions on the operating system. Now reports suggest that a new set of malicious software can infect Apple’s computers and spy on your activity.
According to a report by TechCrunch, the new malware is able to abuse a loophole used by attackers to infect devices via the developers. This vulnerability was detected last year, and was able to slip onto user devices after infecting the developer’s computer. The report suggests that the XCSSET malware, as it is called, was able to access the microphone, webcam as well as screen-recording — bypassing Apple’s requirement to ask the user for permission.
The malware creators are able to infect the user’s computer by ‘piggybacking’ their malicious code into a legitimate app, which then allowed them to access all the necessary permissions to record a user’s screen or turn on the microphone or webcam. These could be any apps that users regularly grant permissions to, such as Skype, Zoom or Slack, according to the report.
These new revelations are even more worrying as TechCrunch points out that the malware was able to use flaws to access a user’s accounts from Safari, then push a “development” version of Safari that allows them to keep track of all your browsing activity. Using the webcam permission could also result in your passwords being captured, a situation that has former intelligence consultant and leaker Edward Snowden has previously been warned of.
Fortunately, Apple says that the security flaw that allowed this sort of access has been fixed with the release of macOS 11.4 that was released on Monday. Once users have installed the update for macOS, they should be protected from the threat, but users are advised to stay away from unknown software for their Macs and use only trusted and well-known sources while installing software.