Mac users beware: two pieces of dark web malware have been spotted on the dark web that target Macs. Their names? MacSpy and MacRansom. These two pieces of software were made by an unknown person who is marketing them as services. This means that the malware can be sold and then continuously supported and updated.
Security companies like Fortinet and AlienVault have analyzed samples of the malware, and report that they aren’t that sophisticated, although MacSpy is being marketed as “the most sophisticated Mac spyware ever.” Even so, it gives the impression that cybercriminals are eyeing Macs as viable targets more and more, instead of sticking to Windows.
The creator of MacSpy claims that it can capture screenshots every 30 seconds once it has been installed on your system. It can log all of your keystrokes, access your synced iPhone photos, record sounds even if your microphone isn’t turned on, and get your history and download data from Safari and Chrome.
Once installed, there will be no digital trace that can be associated with you.
As for MacRansom, it works similarly to other ransomware products. This software is for “people who want to earn easy money from unsuspecting family members, friends, colleagues, and classmates.” MacRansom appears to demand a payment of 0.25 Bitcoin (roughly US$670 currently) to decrypt your data. However, Fortinet discovered it might not fulfill that promise.
So should you worry? Not really. Both malware products can be easily identified by most antivirus programs. Although many Mac users have the impression that they don’t need an antivirus program, the reality is that Mac malware is on the rise. As Patrick Wardle told Motherboard,
Apple continues to improve the security of [its systems]…But Mac users should just be cautious, should not be not be overconfident, and should not assume that just because they’re using a Mac they’re inherently safe.