Booby-trapped Sites Delivered Potent New Backdoor Trojan To macOS Users

Researchers have uncovered advanced, never-before-seen macOS malware that was installed using exploits that were almost impossible for most users to detect or stop once the users landed on a malicious website. From a report: The malware was a full-featured backdoor that was written from scratch, an indication that the developers behind it have significant resources and expertise. DazzleSpy, as researchers from security firm Eset have named it, provides an array of advanced capabilities that give the attackers the ability to fully monitor and control infected Macs. Features include: victim device fingerprinting, screen capture, file download/upload, execute terminal commands, audio recording, and keylogging.

Mac malware has become more common over the years, but the universe of advanced macOS backdoors remains considerably smaller than that of advanced backdoors for Windows. The sophistication of DazzleSpy -- as well as the exploit chain used to install it -- is impressive. It also doesn't appear to have any corresponding counterpart for Windows. This has led Eset to say that the people who developed DazzleSpy are unusual. 'First, they seem to be targeting Macs only,' Eset researcher Marc-Etienne M.Leveille wrote in an email. 'We haven't seen payloads for Windows nor clues that it would exist. Secondly, they have the resources to develop complex exploits and their own spying malware, which is quite significant.'

Read more of this story at Slashdot.