"Apple Users Open to Remote Control via Tricky macOS Malware"

Researchers at Guardz have discovered Hidden Virtual Network Computing (hVNC) malware that infests Macs and silently executes complete takeovers without user permission.  It also sports persistence through reboots.  It's being sold at a lifetime price of $60,000 on the Dark Web, with add-ons available.  Virtual Network Computing (VNC) software is typically used by IT teams to provide remote technical support to users.  A doppelgänger version of the tool is hVNC, which can be bundled into malware that operates covertly, gaining access without requesting permission from the user.  According to the researchers, a macOS version of such a tool has emerged on Exploit, the infamous Russian underground forum.  It specializes in bagging all manner of sensitive information, including login credentials, personal data, financial information, and more.  The researchers noted that, concerningly for Apple users, the malware can also survive system reboots and other attempts at removal.  The macOS hVNC identified by Guardz has been available since April, with updates made as recently as July 13, and was tested on a wide array of macOS versions from 10 through 13.2. 

 

Dark Reading reports: "Apple Users Open to Remote Control via Tricky macOS Malware"

Submitted by Anonymous on