A disturbing and unprecedented Trojan horse discovered on macOS


Researchers have uncovered a powerful Trojan horse for macOS that gives full access to the computer once it is infected. Its name: DazzleSpy.

DazzleSpy is the short name given by researchers to a malicious program that targets macOS only. Granted, viruses aren’t new to the operating system, but Trojans of this magnitude are still fairly rare. In this case, the backdoor is quickly installed when the user visits certain booby-trapped sites.

An invisible program and total control of the machine

Once installed, the program gives criminals advanced control, including the ability to download and upload files, take screenshots or record audio, access the fingerprints, or run commands through the terminal. All of this is obviously done in a way that is completely undetectable to the user.

A high-level design

For the ESET researchers who discovered DazzleSpy, the level of sophistication and the resources required to build such a program indicate that the team behind it is made up of professionals, no doubt supported by a state organization. The malware was reportedly deployed on pro-democracy sites in Hong Kong, either by hacking them or by creating fake copies.

Once one of these sites was visited, a cascade of scripts followed, until an infected executable was installed on the computer by exploiting a few macOS vulnerabilities. Fortunately, the security flaws that made it possible to reach the targeted Macs have since been corrected by Apple. In any case, this demonstrates the strength of the tools that certain malicious organizations are able to deploy, especially at a time when cyberattacks are in the news, and shows that Windows PCs are not the only targets of such attacks…
