• Hello and welcome! Register to enjoy full access and benefits:

    • Advertise in the Marketplace section for free.
    • Get more visibility with a signature link.
    • Company/website listings.
    • Ask & answer queries.
    • Much more...

    Register here or log in if you're already a member.

  • 🎉 WHV has crossed 72000 (72k) monthly views (unique) and 272000 clicks per month, as per Google Analytics! Thank you for your support! 🎉

New MacSync Malware Evades macOS Gatekeeper to Steal User Data

johny899

Member
Content Writer
Messages
1,080
Reaction score
3
Points
43
Balance
$134.5USD
Have you ever trusted a Mac when opening an application, because nothing was displayed in the way of warnings? I have done this many times too. Unfortunately, trusting your Mac when it does not warn you of any potential threats could lead to trouble with a new malware dropper called MacSync. This malware can bypass macOS Gatekeeper verification.

What is the MacSync malware?​

MacSync is a very malicious piece of malware that collects personal data from users running Mac OS X. Security experts have released a new version of the malware that will confuse macOS into believing it’s legitimate. Very scary, right?

Under normal conditions, Gatekeeper will prevent any potentially harmful software from being opened or installed on your Mac. There’s nothing on the surface about this version that indicates it isn’t legitimate. Therefore, it will be allowed to run on your Mac without any warning messages.

How does it bypass Gatekeeper?​

It’s actually pretty simple. The malware contains a fake but legitimate-looking app.
It can have:
  • A valid Apple digital signature,
  • Apple notarization
  • Typical installer file (.DMG)
Because of all of this, Gatekeeper trusts it. After being opened, the malware runs silently in the background. Pretty clever stuff, honestly.

What types of information can be taken?​

After the malware is running, it can take a lot of important information like:
  • Saved passwords stored in web browsers
  • Data stored in the iCloud keychain
  • Personal information
  • Crypto wallet information if you have one
With this type of information, an attacker may be able to steal your funds or access your accounts. No one wants that!

Why this is important for Mac users​

There is a pervasive belief that Mac computers do not get attacked by malicious software, which I once believed as well. The reality of recent attacks indicates that Mac users have become a target for attackers.

Therefore, you should ask yourself the following question: Are you absolutely sure of the source of the application that you have downloaded?
 
You must log in or register to reply here.
Menu
Log in
Register