{"id":8121,"date":"2017-01-03T17:36:46","date_gmt":"2017-01-04T01:36:46","guid":{"rendered":"http:\/\/blog.hellotech.com\/?p=8121"},"modified":"2021-06-14T03:44:02","modified_gmt":"2021-06-14T10:44:02","slug":"mokes-a","status":"publish","type":"post","link":"https:\/\/www.hellotech.com\/blog\/mokes-a","title":{"rendered":"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords"},"content":{"rendered":"\n<p>Malware gets more cunning by the day. In fact, there\u2019s one that could be covertly stealing critical information from the Mac you\u2019re using right now. We\u2019re not trying to scare you, though. It\u2019s a little heads-up to every Mac computer users to be extra cautious.<\/p>\n\n\n\n<p>Discovered just this year by Kaspersky Lab researcher, Stefan Ortloff, the malware called Mokes.A has been designed primarily to steal information. To begin with, it takes screenshots from a computer every 30 seconds. It also accesses videos, photos, and documents, too.<\/p>\n\n\n\n<p>What makes it truly scary, though, is the fact that it sees what keys users press on their keyboards. This could potentially hand hackers vital information like passwords, bank credentials, and other sensitive personal info. Oh, did we mention that it could let hackers control infected Macs remotely?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-not-the-first-malware-threat-against-mac\">Not the First Malware Threat against Mac<\/h2>\n\n\n\n<p>Macs may be far less susceptible to malware attacks compared to PCs, but this hasn\u2019t stopped malicious parties from targeting Apple computers. <a href=\"http:\/\/arstechnica.com\/security\/2016\/03\/first-mac-targeting-ransomware-hits-transmission-users-researchers-say\/\">Earlier this year<\/a>, a lot of Apple customers fell victim to the first ransomware campaign against Macs: KeRanger. What it does is lock a computer up until the victim sends payment to cyber criminals.<\/p>\n\n\n\n<p>Next came <a href=\"http:\/\/www.telegraph.co.uk\/technology\/2016\/09\/09\/apple-mac-virus-can-take-screenshots-and-see-everything-you-type\/\">the discovery of the rare piece of malware, Mokes.A<\/a>. It accesses Mac computers running OS X even after Apple released urgent security updates for iOS and MacOS. A version of the malware attacks Windows and Linux, too. That version of the software backdoor was first found in January and could attack different machines. The fact that it could easily affect a significant number of potential victims makes it scary. The one that targets OS X is no pushover, though.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-signs-of-infection\">Signs of Infection<\/h2>\n\n\n\n<p>A few obvious signs of infection include the creation of a new folder in a user\u2019s Home Library Folder named \u2018App Store\u2019. Such a folder contains a background service named \u2018storeuserd\u2019. By default, your Mac shouldn\u2019t even have that file or folder.<\/p>\n\n\n\n<p>Another way to know if your Mac computer has been infected is to go to the Finder menu. Navigate to Go &gt; Go to Folder and then copy-paste these paths:<\/p>\n\n\n\n<p>\u2022 \/Users\/$USER\/Library\/App Store\/storeuserd<br>\u2022 \/Users\/$USER\/Library\/com.apple.spotlight\/SpotlightHelper<br>\u2022 \/Users\/$USER\/Library\/Dock\/com.apple.dock.cache<br>\u2022 \/Users\/$USER\/Library\/Skype\/SkypeHelper<br>\u2022 \/Users\/$USER\/Library\/Dropbox\/DropboxCache<br>\u2022 \/Users\/$USER\/Library\/Google\/Chrome\/nacld<br>\u2022 \/Users\/$USER\/Library\/Firefox\/Profiles\/profiled<\/p>\n\n\n\n<p>Replace the \u201c$USER\u201d here with your own home folder\u2019s name. Keep in mind that these shouldn\u2019t even exist and if they do, your machine may already be infected.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-a-subtle-spread\">A Subtle Spread<\/h2>\n\n\n\n<p>Truth be told, there hasn\u2019t been enough data to show us how the malware is obtained. Security experts suspect that it may be spread via email attachments or an unwarranted download from a website. Either way, it\u2019s pretty easy to miss. With a file size of about 14MB, anybody would easily dismiss the Mokes.A malware as some insignificant digital nonsense.<\/p>\n\n\n\n<p>The good news is that antivirus software like Intego VirusBarrier and BlockBlock tool easily detect and neutralize OSX\/Mokes before it wreaks havoc on your Mac. A few of the best commercial anti-virus programs have also exhibited enough capacity to deal with such powerful malware.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-preventive-measures\">Preventive Measures<\/h2>\n\n\n\n<p>Even if the <i>Mokes.A<\/i> malware targets OS X users, we\u2019re lucky that the risk of dealing with such a malware on a Mac system remains low. This should give you no excuse to be complacent, though. Exercise vigilance every time you\u2019re on the Web.<\/p>\n\n\n\n<p>To begin with, keep your applications and operating system up-to-date. Resist the temptation to install software from less reliable online sources, too. These two should greatly increase your chances of circumventing any malware attack on your Mac or PC, trust us.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malware gets more cunning by the day. In fact, there\u2019s one that could be covertly stealing critical information from the Mac you\u2019re using right now. We\u2019re not trying to scare you, though. It\u2019s a little heads-up to every Mac computer users to be extra cautious. Discovered just this year by Kaspersky Lab researcher, Stefan Ortloff, the malware called Mokes.A has been designed primarily to steal information. To begin with, it takes screenshots from a computer every 30 seconds. It also [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":8188,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[17587,17593],"tags":[],"class_list":["post-8121","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-staying-safe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.10 (Yoast SEO v20.10) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Mokes.A: A Mac Virus That Steals Bank Credentials and Passwords<\/title>\n<meta name=\"description\" content=\"Mokes.A is a Mac Virus that can steal information. It takes screenshots from a computer every 30 seconds, and accesses videos, photos, and documents.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.hellotech.com\/blog\/mokes-a\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords - The Plug - HelloTech\" \/>\n<meta property=\"og:description\" content=\"Malware gets more cunning by the day. In fact, there\u2019s one that could be covertly stealing critical information from the Mac you\u2019re using right now. We\u2019re\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.hellotech.com\/blog\/mokes-a\" \/>\n<meta property=\"og:site_name\" content=\"The Plug - HelloTech\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/hellotech\" \/>\n<meta property=\"article:published_time\" content=\"2017-01-04T01:36:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-14T10:44:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2017\/01\/pexels-photo-214221-min.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@HelloTech\" \/>\n<meta name=\"twitter:site\" content=\"@HelloTech\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/dec00225dd888a509740ace5e4d9de6c\"},\"headline\":\"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords\",\"datePublished\":\"2017-01-04T01:36:46+00:00\",\"dateModified\":\"2021-06-14T10:44:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a\"},\"wordCount\":645,\"publisher\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/#organization\"},\"articleSection\":[\"News\",\"Staying Safe\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a\",\"url\":\"https:\/\/www.hellotech.com\/blog\/mokes-a\",\"name\":\"Mokes.A: A Mac Virus That Steals Bank Credentials and Passwords\",\"isPartOf\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/#website\"},\"datePublished\":\"2017-01-04T01:36:46+00:00\",\"dateModified\":\"2021-06-14T10:44:02+00:00\",\"description\":\"Mokes.A is a Mac Virus that can steal information. It takes screenshots from a computer every 30 seconds, and accesses videos, photos, and documents.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.hellotech.com\/blog\/mokes-a\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/mokes-a#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.hellotech.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#website\",\"url\":\"https:\/\/www.hellotech.com\/blog\/\",\"name\":\"The Plug - HelloTech\",\"description\":\"Turn to The Plug for informative tech news that you can use. \",\"publisher\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.hellotech.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#organization\",\"name\":\"HelloTech\",\"url\":\"https:\/\/www.hellotech.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2018\/11\/HT-logo-revised-final.png\",\"contentUrl\":\"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2018\/11\/HT-logo-revised-final.png\",\"width\":1000,\"height\":174,\"caption\":\"HelloTech\"},\"image\":{\"@id\":\"https:\/\/www.hellotech.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/hellotech\",\"https:\/\/twitter.com\/HelloTech\",\"http:\/\/www.instagram.com\/hello_tech\",\"https:\/\/www.youtube.com\/channel\/UCIR-fbAKRfVuAbciDr2z4nQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/dec00225dd888a509740ace5e4d9de6c\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cbb537d18df244ad7d57a3639d94ede5cd90bf1fb742392af5731beaf11ffeb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cbb537d18df244ad7d57a3639d94ede5cd90bf1fb742392af5731beaf11ffeb1?s=96&d=mm&r=g\",\"caption\":\"admin\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Mokes.A: A Mac Virus That Steals Bank Credentials and Passwords","description":"Mokes.A is a Mac Virus that can steal information. It takes screenshots from a computer every 30 seconds, and accesses videos, photos, and documents.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.hellotech.com\/blog\/mokes-a","og_locale":"en_US","og_type":"article","og_title":"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords - The Plug - HelloTech","og_description":"Malware gets more cunning by the day. In fact, there\u2019s one that could be covertly stealing critical information from the Mac you\u2019re using right now. We\u2019re","og_url":"https:\/\/www.hellotech.com\/blog\/mokes-a","og_site_name":"The Plug - HelloTech","article_publisher":"http:\/\/www.facebook.com\/hellotech","article_published_time":"2017-01-04T01:36:46+00:00","article_modified_time":"2021-06-14T10:44:02+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2017\/01\/pexels-photo-214221-min.jpeg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@HelloTech","twitter_site":"@HelloTech","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.hellotech.com\/blog\/mokes-a#article","isPartOf":{"@id":"https:\/\/www.hellotech.com\/blog\/mokes-a"},"author":{"name":"admin","@id":"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/dec00225dd888a509740ace5e4d9de6c"},"headline":"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords","datePublished":"2017-01-04T01:36:46+00:00","dateModified":"2021-06-14T10:44:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.hellotech.com\/blog\/mokes-a"},"wordCount":645,"publisher":{"@id":"https:\/\/www.hellotech.com\/blog\/#organization"},"articleSection":["News","Staying Safe"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.hellotech.com\/blog\/mokes-a","url":"https:\/\/www.hellotech.com\/blog\/mokes-a","name":"Mokes.A: A Mac Virus That Steals Bank Credentials and Passwords","isPartOf":{"@id":"https:\/\/www.hellotech.com\/blog\/#website"},"datePublished":"2017-01-04T01:36:46+00:00","dateModified":"2021-06-14T10:44:02+00:00","description":"Mokes.A is a Mac Virus that can steal information. It takes screenshots from a computer every 30 seconds, and accesses videos, photos, and documents.","breadcrumb":{"@id":"https:\/\/www.hellotech.com\/blog\/mokes-a#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.hellotech.com\/blog\/mokes-a"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.hellotech.com\/blog\/mokes-a#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.hellotech.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Mokes.A: Mac Virus That Steals Bank Credentials and Passwords"}]},{"@type":"WebSite","@id":"https:\/\/www.hellotech.com\/blog\/#website","url":"https:\/\/www.hellotech.com\/blog\/","name":"The Plug - HelloTech","description":"Turn to The Plug for informative tech news that you can use. ","publisher":{"@id":"https:\/\/www.hellotech.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.hellotech.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.hellotech.com\/blog\/#organization","name":"HelloTech","url":"https:\/\/www.hellotech.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hellotech.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2018\/11\/HT-logo-revised-final.png","contentUrl":"https:\/\/www.hellotech.com\/blog\/wp-content\/uploads\/2018\/11\/HT-logo-revised-final.png","width":1000,"height":174,"caption":"HelloTech"},"image":{"@id":"https:\/\/www.hellotech.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/hellotech","https:\/\/twitter.com\/HelloTech","http:\/\/www.instagram.com\/hello_tech","https:\/\/www.youtube.com\/channel\/UCIR-fbAKRfVuAbciDr2z4nQ"]},{"@type":"Person","@id":"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/dec00225dd888a509740ace5e4d9de6c","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hellotech.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cbb537d18df244ad7d57a3639d94ede5cd90bf1fb742392af5731beaf11ffeb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cbb537d18df244ad7d57a3639d94ede5cd90bf1fb742392af5731beaf11ffeb1?s=96&d=mm&r=g","caption":"admin"}}]}},"_links":{"self":[{"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/posts\/8121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/comments?post=8121"}],"version-history":[{"count":0,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/posts\/8121\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/media\/8188"}],"wp:attachment":[{"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/media?parent=8121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/categories?post=8121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hellotech.com\/blog\/wp-json\/wp\/v2\/tags?post=8121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}