A dangerous new tool that can allow hackers to completely take over your Mac has been discovered on a dark web forum with a bit of help from ChatGPT.
While hackers have used ChatGPT to create malware in the past, this time around, security researchers from the cybersecurity firm Guardz turned to OpenAI’s chatbot as part of their investigation into dark web malware.
According to a blog post, after recently uncovering the new ShadowVault malware, which targets Macs, the firm’s researchers decided to leverage the power of AI by asking ChatGPT about other macOS threats that might exist on the dark web. Even though ChatGPT didn’t name any specific threats outright, it motivated Guardz to take a deeper look into other cyberthreats for macOS.
After investigating posts on the Russian cybercrime forum “Exploit,” the Guardz security researchers discovered a tool that has been available since April of this year that, for a steep price, can allow hackers to gain persistence and even take complete control over vulnerable Macs.
An extremely powerful, yet expensive tool
What gives legitimacy to Guardz’ findings and to the tool itself is that the hackers who created it have set aside $100,000 in an escrow account as insurance just in case it doesn’t work as advertised. If a hacker finds that the tool doesn’t live up to the hype, the forum’s administrators have the right to use this money to provide them with a refund.
As 9to5Mac reports, the tool itself uses Hidden Virtual Network Computing (HVNC) to provide unauthorized access to vulnerable Macs. While Virtual Network Computing (VNC) is a legitimate technology used to remotely control another computer over a network, often for tech support purposes, HVNC lets an attacker accomplish the same thing without a victim’s knowledge.
Victims whose Macs are infected with this new HVNC tool will be left completely unaware that someone else is currently accessing their computer. Like other Mac malware, the primary purpose of this tool is to steal sensitive information from an infected computer like a victim’s credentials or their personal or even financial information.
Based on Guardz’ analysis of the tool, it’s currently being distributed through email attachments, malicious websites or exploit kits sold to other hackers for a price. There’s also a variant of this HVNC tool for Windows with similar functionality that was developed by the same cybercriminal.
Fortunately though, this tool will likely be used against businesses and other high-profile organizations due to how expensive it is. For instance, lifetime access to this HVNC tool costs $60,000, though there’s also a $20,000 add-on available for it that increases its malicious capabilities.
How to keep your Mac safe from malware and other cyber threats
The first and most important thing you can do to keep your Mac safe from malware and viruses is to ensure that it’s up to date and running the latest software from Apple (Apple Logo > System Preferences > Software Update). For instance, the HVNC tool described above only works on Macs running macOS Ventura 13.2 or older software. As the current version is 13.4.1, updating your Mac will keep it protected from this threat, at least for now.
As is the case with the best iPhones, you want to avoid installing apps or other software from sources besides the Mac App Store. This is because you could accidentally be downloading and installing malware instead of the program you were actually trying to put on your Mac.
At the same time, you should be using the best Mac antivirus software to keep your Mac protected against new malware strains, viruses or other cyberattacks. macOS has its own built-in malware scanner called XProtect, but paid antivirus software is updated more often and may include useful extras like a password manager or even a VPN.
Since this new HVNC tool poses quite a threat to the best Macs, Apple will likely try to combat it in its next series of updates for macOS. However, in the meantime, Mac users are going to want to be extra careful online, especially since this tool could be used to attack consumers much more easily than businesses.