Russia-backed malware can now target Macs

The state-backed Russian group accused of hacking the Democratic National Committee appears to be expanding its repertoire. Bitdefender Labs researchers have obtained a sample of a Mac-native variant of Xagent, the backdoor malware linked to Russia’s APT28 (aka Fancy Bear or Strontium). The code not only allows swiping passwords and capturing screenshots, but includes a module that can swipe iOS device backups created by iTunes. While it’s easy to encrypt those backups, this theoretically gives intruders a chance at snooping on iPhone data without having to compromise the iPhone itself.

As for the evidence? The modules in the Mac variant of Xagent show a “number of similarities” to the components for Linux and Windows, Bitdefenders says. The malware’s command-and-control addresses are also eerily similar to the ones APT28 uses for another malware tool, Komplex.

There’s still a lot left to be uncovered. The security team only has the malware itself, not a full picture of how an attack works — Komplex, which infects Macs through a hole in the notorious MacKeeper antivirus kit, is one possible vector. It’s also unclear what other modules are available. Either way, this isn’t exactly comforting for Mac users who may find themselves in Russia’s crosshairs. It’s possible to protect against Xagent (Bitdefender says its AV software will work, and others likely will too), thankfully. The concern is that Russia might have already used the malware, or that it may target people who are unaware of the threat.

Via: CSO

Source: Bitdefender Labs

Engadget RSS Feed

OS X update could use iPhone’s Touch ID to unlock Macs

As we approach Apple’s annual WWDC event that starts June 13th, the rumors about upcoming iOS and OS X features are sure to ramp up. This week, MacRumors is reporting that the company is working on a way for you to unlock a Mac using your iPhone’s Touch ID feature. The security measure is said to bypass a typed log-in using Bluetooth when the phone is “in close proximity” to a computer running OS X. As MacRumors notes, there’s a similar feature on the Apple Watch that allows an unlocked iPhone to provide access to the wearable without the need to enter a second password.

If this Touch ID to unlock a Mac functionality sounds familiar, the third party Knock app for iOS and Apple Watch unlocks a nearby computer with those devices rather than having to key in a password. Back in March, Recode reported that Apple Pay was on its way to the browser for making purchases on the web. This new report suggests that the Touch ID interaction with Macs will be used to confirm those transactions as well. As is the case with any rumor, it pays to be a bit skeptical. However, we won’t have to wait long to see if this news is indeed true.

In terms of other rumors for OS X 10.12, reports indicate that Siri could finally make its debut on the desktop. This week, rumblings surfaced about the design of the dock icon, but we’ll have to wait a few more weeks to see if that virtual assistant or Touch ID unlocking will be a part of this fall’s software update.

Source: MacRumors

Engadget RSS Feed