Beware of CloudMensis, this new spyware that targets Mac users

Lucas Guillemot

August 01, 2022 at 4:08 p.m.



Traditionally, Mac users are less exposed to viruses and threats than their PC counterparts. However, they are far from immune, and a new threat targeting them exclusively has been identified.

In an article dated July 19, ESET researchers, computer security specialists, detail the discovery of new spyware they call CloudMensis.

How does CloudMensis work?

Like any good spyware, CloudMensis installs without the user’s knowledge and hides itself in order to collect data on the target computer discreetly. ESET experts gave it that name because it uses different cloud storage services and identifies its folders with month names.

In his article, researcher Marc-Étienne Léveillé indicates that he does not know how the software is distributed. Given its limited observed presence, the expert suggests that CloudMensis is targeted spyware. Its purpose would therefore not be to collect as much data as possible from the general public, but rather to steal information from specific targets of particular interest.

CloudMensis is said to support 39 different commands whose purpose is to retrieve any type of data of interest: documents, screenshots, e-mail attachments or even keystrokes.

Who is affected and how to avoid it?

CloudMensis appears to operate through three cloud storage providers: pCloud, Yandex Disk, and Dropbox. Indeed, identification tokens for these services were found in the code samples analyzed by the researcher.

However, as noted above, this spyware does not seem intended for the general public. According to the author of the article, the best way to avoid getting infected is above all to keep your machine up to date with the latest versions of macOS and cloud storage clients. Installing an antivirus for Mac is also highly recommended.

Apple has also announced its next version of the Mac operating system. Called macOS Ventura, this update should be released in the fall of 2022 and will include an isolation mode (Lockdown Mode) which will drastically reduce the functionality of the device to protect it in the event of an imminent risk. This new protection will be available on Mac, but also on iPhone and iPad.

Source: ESET