Malware gets more cunning by the day. In fact, there’s one that could be covertly stealing critical information from the Mac you’re using right now. We’re not trying to scare you, though. It’s a little heads-up to every Mac computer users to be extra cautious.
Discovered just this year by Kaspersky Lab researcher, Stefan Ortloff, the malware called Mokes.A has been designed primarily to steal information. To begin with, it takes screenshots from a computer every 30 seconds. It also accesses videos, photos, and documents, too.
What makes it truly scary, though, is the fact that it sees what keys users press on their keyboards. This could potentially hand hackers vital information like passwords, bank credentials, and other sensitive personal info. Oh, did we mention that it could let hackers control infected Macs remotely?
Not the First Malware Threat against Mac
Macs may be far less susceptible to malware attacks compared to PCs, but this hasn’t stopped malicious parties from targeting Apple computers. Earlier this year, a lot of Apple customers fell victim to the first ransomware campaign against Macs: KeRanger. What it does is lock a computer up until the victim sends payment to cyber criminals.
Next came the discovery of the rare piece of malware, Mokes.A. It accesses Mac computers running OS X even after Apple released urgent security updates for iOS and MacOS. A version of the malware attacks Windows and Linux, too. That version of the software backdoor was first found in January and could attack different machines. The fact that it could easily affect a significant number of potential victims makes it scary. The one that targets OS X is no pushover, though.
Signs of Infection
A few obvious signs of infection include the creation of a new folder in a user’s Home Library Folder named ‘App Store’. Such a folder contains a background service named ‘storeuserd’. By default, your Mac shouldn’t even have that file or folder.
Another way to know if your Mac computer has been infected is to go to the Finder menu. Navigate to Go > Go to Folder and then copy-paste these paths:
• /Users/$USER/Library/App Store/storeuserd
• /Users/$USER/Library/com.apple.spotlight/SpotlightHelper
• /Users/$USER/Library/Dock/com.apple.dock.cache
• /Users/$USER/Library/Skype/SkypeHelper
• /Users/$USER/Library/Dropbox/DropboxCache
• /Users/$USER/Library/Google/Chrome/nacld
• /Users/$USER/Library/Firefox/Profiles/profiled
Replace the “$USER” here with your own home folder’s name. Keep in mind that these shouldn’t even exist and if they do, your machine may already be infected.
A Subtle Spread
Truth be told, there hasn’t been enough data to show us how the malware is obtained. Security experts suspect that it may be spread via email attachments or an unwarranted download from a website. Either way, it’s pretty easy to miss. With a file size of about 14MB, anybody would easily dismiss the Mokes.A malware as some insignificant digital nonsense.
The good news is that antivirus software like Intego VirusBarrier and BlockBlock tool easily detect and neutralize OSX/Mokes before it wreaks havoc on your Mac. A few of the best commercial anti-virus programs have also exhibited enough capacity to deal with such powerful malware.
Preventive Measures
Even if the Mokes.A malware targets OS X users, we’re lucky that the risk of dealing with such a malware on a Mac system remains low. This should give you no excuse to be complacent, though. Exercise vigilance every time you’re on the Web.
To begin with, keep your applications and operating system up-to-date. Resist the temptation to install software from less reliable online sources, too. These two should greatly increase your chances of circumventing any malware attack on your Mac or PC, trust us.
