This new macOS backdoor lets hackers take over your Mac remotely — how to stay safe
Hackers are beefing up their efforts to go after the best MacBooks as security researchers have discovered a brand new macOS backdoor which appears to have ties to another recently identified Mac malware strain.
As reported by SecurityWeek, this new Mac malware has been dubbed SpectralBlur and although it was uploaded to VirusTotal back in August of last year, it remained undetected by the best antivirus software until it recently caught the attention of Proofpoint’s Greg Lesnewich.
In a blog post, Lesnewich explained that SpectralBlur has similar capabilities to other backdoors as it can upload and download files, delete files and hibernate or sleep when given commands from a hacker-controlled command-and-control (C2) server. What is surprising about this new Mac malware strain though is that it shares similarities to the KandyKorn macOS backdoor which was created by the infamous North Korean hacking group Lazarus.
Just like SpectralBlur, KandyKorn is designed to evade detection while providing the hackers behind it with the ability to monitor and control infected Macs. Although different, these two Mac malware strains appear to be built based on the same requirements.
Once installed on a vulnerable Mac, SpectralBlur executes a function that allows it to decrypt and encrypt network traffic to help it avoid being detected. However, it can also erase files after opening them and then overwrite the data they contain with zeros.
Mac malware is on the rise
If you thought your Mac was safe from hackers and malware, I’ve got bad news for you. Cybercriminals may have preferred Windows machines in the past but now that Apple’s computers have seen a surge in popularity over the past few years, they’ve become a much more valuable target.
According to a blog post from the non-profit Objective-See (via The Hacker News), 21 new malware strains designed to target macOS were discovered in 2023 alone. This is a significant increase compared to the previous year when only 13 Mac malware strains were identified.
As such, expect to see even more Mac malware this year as hackers and other cybercriminals have seen firsthand just how valuable it can be targeting Apple’s computers over the best Windows laptops.
How to keep your Apple computers safe from hackers
As is the case with the best iPhones, keeping your Mac up to date is the easiest and most important way to keep it safe from hackers. This is because hackers often prey on users that haven’t updated their devices to the latest software as they can exploit unpatched vulnerabilities and security flaws.
Checking to see if you're running the latest version of macOS is quite easy to do. Just click on the Apple Logo in the top right corner of your computer, head to System Preferences and then click on Software Update. If you need a bit more help, check out our guide on how to update a Mac for more detailed instructions with pictures.
Even though your Mac comes with its own built-in malware scanner from Apple called xProtect, you should also consider using one of the best Mac antivirus software solutions for additional protection. Paid antivirus software is often updated more frequently and you often also get access to other extras to help keep you safe online like a password manager or a VPN.
Besides updating your Mac frequently and using antivirus software, you also just have to be careful online. This means sticking to trusted online retailers, carefully checking the URLs of the websites you visit and avoiding opening links and attachments sent to you via email or on social media from people you don’t know. Likewise, you should also learn how to spot a phishing scam so that you know which emails you’re going to want to delete right away.
The thing about hackers and other cybercriminals is that they are constantly evolving their tactics and attack methods. This helps them avoid detection but it also allows them to come up with brand new ways to trick ordinary people.
With the surge we saw in Mac malware last year though, I think it’s likely that Apple will be working on ways to beef up xProtect and macOS to better defend against all of these new threats.
