New Mac spyware discovered at Oslo conference
Today security firm F-Secure announces the discovery of a new Mac-based spyware program, the latest in what has become a small, but growing trend. Attacks have previously affected Apple itself, as well as users in the wild. The latest problem was discovered at a recent conference in Oslo, Norway.
The Oslo Freedom Forum, an event that is designed around the world's most influential dissidents, innovators, journalists, philanthropists, and policymakers, just wrapped up on May 15. During a workshop on freedom of speech, Jacob Applebaum, an independent computer security researcher, discovered a new and previously unknown backdoor on an African activist's Mac.
F-Secure is currently investigating this, but has found that it is signed with an Apple Developer ID. The security firm also has determined that the program dumps screenshots into a folder called MacApp and that there are two C&C servers related to this attack, neither of which could be reached -- one is unresolved, while the other is "forbidden".
F-Secure has dubbed this malware with the catchy name of "Backdoor: OSX/KitM.A. (SHA1: 4395a2da164e09721700815ea3f816cddb9d676e)", and is continuing its investigation.
Ironically, the Oslo Freedom Forum revolves around helping users to secure their devices against government monitoring. The finding is just one more reminder that Macs are no more secure than Windows, just simply less targeted.
Photo Credit: Brian A Jackson/ShutterStock