Malware free? Think again.
Days after Craig Federighi, Apple's head of software design, made an unprecedented admission in court in the ongoing Epic Games vs. Apple case that the Cupertino-based company has a problem with malicious software, or malware, security researchers found more malware wreaking havoc on macOS, the operating system for Macs.
Apple macOS Malware Takes Control of User Hard Drive, Microphone, Webcam
Cybersecurity company Jamf said the XCSSET malware has infected macOS computers by exploiting a glaring vulnerability that allows hackers to take screenshots, access the microphone, or record the screen on infected Macs without the user's permission. This "zero day," or previously unknown software vulnerability, Ars Technica noted, had not been spotted until recently. It resided in the system's Transparency, Consent, and Control (TCC) framework, which requires user permission before an app is granted access to hard drives, the microphone and the webcam.
XCSSET exploits this vulnerability to bypass the TCC safeguards and take control of the user's hard drive, microphone and webcam. Apple has since tracked the vulnerability as CVE-2021-30713 and provided a critical fix to prevent this new malware attack.
This was not the first zero day XCSSET has exploited to infect macOS. The malware, discovered by Trend Micro in August last year, used two zero days to target the systems of Mac developers, particularly the Xcode projects they use to build apps, TechCrunch revealed. Once these app development projects are infected, the developers unsuspectingly deploy and distribute the malware to users in what Trend Micro called a "supply-chain-like attack."
Apple macOS Malware Under Continuous Development
With its continued attacks on Mac systems, XCSSET has been found to be under continuous development, TechCrunch added, as new variants of the malware were found infecting M1-based Macs.
On infected Macs, XCSSET would steal browser cookies and files, create backdoor access to websites, collect data from messaging apps like Skype and Telegram, encrypt files and take screenshots.
Apple emphasized through a spokesperson that the malware issue is not widespread and only affected users who downloaded and ran XCSSET and whose macOS failed to block it, Forbes noted in a report. The safest source for downloading apps for the Mac, the spokesperson said, is the Apple Mac App Store.
While security experts agree the malware is not widespread, with Trend Micro counting 400 infected systems, it has exposed severe vulnerabilities in macOS, Forbes added. This new attack came just weeks after Apple issued a patch for another vulnerability, which was exploited by other malware that sneaked past security checks such as File Quarantine and Gatekeeper, which are supposed to protect the Mac from malicious apps.
macOS 11.4 Download Instructions
Users therefore need to update their Macs again by downloading macOS Big Sur 11.4; iMore.com gives detailed instructions. With this update, Apple said, the malware can no longer abuse TCC permissions to control sensitive parts of the system and invade user privacy.