A cybersecurity researcher reveals that on Mac, it is very easy for hackers to prevent the dedicated tool from reporting a potential malware infection. Significant security flaws are to blame.
There are several ways toidentify the presence of malware on a Mac (or a Windows PC). One of them is based on the fact that malware is often persistent. This means thatthey keep running without your knowledge even if you turn off or restart the machine. This behavior is not exclusive to malware, many software uses it to save your settings, for example.
THE Background Task Manager, released with MacOS Ventura in October 2022, is used to identify such programs. Whenever one of them persists too long, it displays an alert. If it’s software you installed yourself, you ignore it. Otherwise, this can potentially indicate the presence of malware. The problem is that a cybersecurity researcher, Patrick Wardle, reveals thatit is very easy for hackers to prevent its operation.
Hackers Can Very Easily Bypass Mac Malware Reporting Tool
Patrick Wardle has already identified flaws in Apple’s tool. Alerted, the company had corrected them, but without going any further. The researcher found three more. One of them requires full access rights to the machinewhile the other two don’t need it, which is immediately more worrying. By exploiting a bug in the way the alert system communicates with the heart of the Mac, the kernel, hackers can block notifications from showing. Another bug allows suspend processes on the machinehence the display of warnings.
Also read – Thanks to ChatGPT, a dangerous malware that takes control of Macs is discovered
The researcher did not contact Apple before revealing these flaws. He explains that he has already warned the Apple brand about the weaknesses of his tool without this being followed up. For him, it’s like the malware reporting tool on mac doesn’t exist. Apple has not yet commented on the subject. Let’s not forget that malware on macOS is a reality. Even the notorious LockBit ransomware has taken to attacking Macs.
Source: Wired