Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

MacOS and Malware

The Mac operating system (MacOs) has frequently been hailed as one of the best systems for its resiliency to malware and typical viruses. But the days of MacOs standing strong and tall with no worries have really always been a misconception. Mac systems are just as vulnerable to the beefed-up, intelligent malware threats that are out there today.

SentinelOne published a lengthy review of the MacOs malware at the end of 2018, but in a new release, SentinelOne also stated that there has actually been an uptick in the numbers of new types out there attacking users. Here is a look at some of 2019’s biggest MacOs malware threats that every Mac-reliant business owner should know.

1. OSX.Siggen: A Malware Download from a Malicious Domain

Masquerading as a helpful app called WhatsApp, OSX.Siggen is actually a latched-on malware that slips in during a regular app download. WhatsApp is a fake social media platform, and the download looks super enticing when users come across it. However, once added to MacOs, the app runs with a backdoor designed to take administrative control over the system.

2. KeyStealDaemon: Password Hijacker

This dirty malware showed up in February of 2019, but by June it was still running strong. Apple allowed a patch several years ago designed for another purpose, but KeyStealDaemon can create administrative privileges for itself by slipping through. Unfortunately, this malware allows the person behind the scenes to get into the system and steal pretty much any password you have stored. The good news is, if you have properly updated your system, KeyStealDaemon can be booted out because it cannot break through.

3. CookieMiner Slips In and Steals Credentials

Toward the end of January 2019, a cryptominer showed up with its own installed backdoor to induce a threatening combination of technologies to steal cryptocurrency exchange cookies and passwords for Google Chrome. The worrisome thing about CookieMiner is this: experts believe that the malware could potentially have the rare ability to bypass things like authentication processes that involve multiple factors. If CookieMiner is capable of gathering enough cookies and credentials, cryptocurrency wallets can be virtually pickpocketed right in plain sight.

4. Mokes.B Puts On a Good Act

Persistence agents running amuck on your MacOs with familiar names may never be spotted, especially if they are calling themselves things like Firefox, Skype, or Chrome. This is precisely how Mokes.B avoids suspicion when it latches onto the operating system in application support folders and tracking files. Mokes.B is super-scary because it can gain the ability to take actual screenshots whole you are on pertinent screens, but it can also record keystrokes to steal date you are keying in.

5. A Variant of OSX.Pirrit Has Shown Up

OSX.Pirrit caused a lot of problems a few years ago, but this malware never really disappeared altogether. Instead, new family members under the old parent app are still being found on MacOs, and they are not being detected as they would otherwise be when acting as OSX.Pirrit. The aim of this malware is to make money from redirect actions that occur as a result of a browser infection, but there are rumors that PIRRIT is potentially capable of stealing data as well.

6. OSX.Dok Reroutes User Traffic

OSX.Dok gets into a system and installs a securely tucked-away Tor version location on a Mac system. User traffic hitting a site gets sent to an onion server instead of where it should be, which is a major problem for business owners needing to protect sensitive customer actions when they think they are on an e-commerce website. One of the scariest things about OSX.Dok is the fact that it can steal even SSL encrypted internet traffic maneuvers. Older versions of this software were thought to be banished, but new versions continually pop up.

Even though there are so many Mac users who think they are covered by some unseen immunity from malicious software, these risks are there and the growing list of 2019 proves that fact. Attackers deploying these software programs are targeting those easy-to-break barriers, so something like an improperly updated computer or even an unsuspecting employee can leave a business computer wide-open for an attack.

Share this post

Invotec Solutions IconInvotec Solutions

Unit 9/148 Chesterville Road, Cheltenham

5.0 7 reviews

  • Avatar Matt Wilde ★★★★★ 2 years ago
    Working with an education solutions expert such as Invotec has meant that we have had a collaborative partner every step of the way in the development of, not only our ICT network infrastructure, but also in determining how best to engage … More students, deliver content, and drive learning outcomes.
  • Avatar Daniel McNairn ★★★★★ 3 years ago
    Invotec Solutions is a great company. Working in the education field they have been great support when we have had technical issues that have needed high level solutions. I know they have worked throughout the Catholic Education system … More and have always delivered a high level of service and support. Very easy to deal with and friendly support.
  • Avatar Marcia Reynolds ★★★★★ 3 years ago
    Invotec were fantastic! Being a small business owner and IT illiterate, Invotec helped me to get up and operating without an issue.
    I now feel secure knowing that they are there to back me up.
  • Avatar Aaron Hawke ★★★★★ 4 years ago
    I had the pleasure of working with the Invotec Solutions Team for our Cyber Security requirements. They really know their stuff and my expectations were well exceeded. Thanks Guys, You made it easy!
  • Avatar Korin Roehm ★★★★★ 5 years ago
    Invotec has been a great partner to our company. They're very quick and responsive. If you talk to anyone there you know that they're very knowledgeable in the work that they do.
  • Avatar Jan Chapman ★★★★★ 4 years ago
    Invotec really know their stuff, a great company that want to provide the best service possible. I highly recommend them.

Get a Quote