Think Macs can't get infected? Think again.
The North Korean state-sponsored hackers called the Lazarus Group have deployed their first Mac malware ever, Russian cybersecurity company Kaspersky Lab reports. The malware, part of a campaign that Kaspersky labeled "Operation AppleJeus," was used to successfully hack into an Asian cryptocurrency exchange platform, presumably to steal digital currency.
"The company was breached successfully, but we are not aware of any financial loss," Vitaly Kamluk, director of the Asia-Pacific division of Kaspersky's Global Research and Analysis Team, told BleepingComputer.
The attackers hid their malware on a fake website that pretended to belong to a cryptocurrency trading-software developer -- a classic "watering hole" attack that leads potential victims to danger. The website offered cryptocurrency-trading apps for Mac and Windows, each containing malware built to infect its respective operating system.
An employee of the trading platform downloaded the Windows version, which contained a remote access trojan (RAT), a type of malware that grants hackers remote administrative control over a victim's computer.
While there has historically been more malware out there for Windows users, Mac malware has been on the rise in recent years, although adware and potentially unwanted programs (PUPs) are more prevalent on Macs than true malware.
If you're a Mac user, don't fall for schemes like this. A lot of Mac malware deceives the user into installing it, despite Apple's best efforts, so be very careful about installing free online tools or pirated software. It's also important to run Mac antivirus software -- but be careful of "scareware" popup ads that claim your Mac needs to be cleaned. We're big fans of Kaspersky's Internet Security for Mac.