North Korean hackers are using disguised apps to target Macs with hidden malware.
Be cautious when downloading apps on your Mac.
While Macs are generally safer than Windows PCs, they are not completely secure. Hackers have found ways to infect Apple devices, and it is often the users who inadvertently allow it to happen. Since it is challenging for hackers to infiltrate Apple's App Store, they often trick people into downloading apps from third-party stores or random websites.
Malicious software is concealed in legitimate-looking apps, as North Korean hackers demonstrated by infecting Macs with malware through seemingly harmless macOS apps.
How does the malware work?
Jamf Threat Labs has exposed a cunning type of malware that targets macOS computers. Knowing the fundamentals of how it functions can aid in safeguarding your online activity.
Malware is concealed in seemingly harmless applications, such as Minesweeper and Notepad, which appear to function normally. However, these apps secretly execute malicious programs that enable hackers to control your computer.
The apps are built with Flutter, a technology that simplifies app development for developers but also helps hackers conceal malicious code, making it harder for experts to detect.
The malware, once installed, connects to a remote server to receive instructions, which could include running commands on your computer without your knowledge. One technique this malware employs is executing AppleScripts, a type of script designed for macOS systems, which can silently steal your data or control your device.
Some versions of this malware had been approved by Apple's security system before experts discovered it, indicating that the hackers were testing the limits of their schemes without arousing suspicion.
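For readers who manage Macs and collect process activity logs, the behavior described above (a third-party app contacts a remote server and then runs AppleScript) can be turned into a simple triage rule. The Python below is an added example, not code from Jamf Threat Labs or from this article; the event format, field names, app names and addresses are all constructed for illustration.

```python
import json

# Constructed sample events in a hypothetical JSON-lines schema (not a real
# EDR format): process starts ("exec") and outbound connections ("connect").
SAMPLE_EVENTS = """\
{"type":"exec","pid":410,"ppid":1,"path":"/Applications/ExampleGame.app/Contents/MacOS/ExampleGame","platform_binary":false}
{"type":"connect","pid":410,"remote":"203.0.113.10:443"}
{"type":"exec","pid":411,"ppid":410,"path":"/bin/sh","platform_binary":true}
{"type":"exec","pid":412,"ppid":411,"path":"/usr/bin/osascript","platform_binary":true}
{"type":"exec","pid":500,"ppid":1,"path":"/System/Applications/Notes.app/Contents/MacOS/Notes","platform_binary":true}
{"type":"exec","pid":501,"ppid":500,"path":"/usr/bin/osascript","platform_binary":true}
{"type":"exec","pid":600,"ppid":1,"path":"/Applications/ExampleEditor.app/Contents/MacOS/ExampleEditor","platform_binary":false}
{"type":"exec","pid":601,"ppid":600,"path":"/usr/bin/osascript","platform_binary":true}
not-json garbage line
"""

def owning_app(pid, procs, max_depth=8):
    """Walk up the parent chain to the nearest third-party .app process."""
    for _ in range(max_depth):
        proc = procs.get(pid)
        if proc is None:
            return None
        if ".app/" in proc["path"] and not proc["platform_binary"]:
            return proc
        pid = proc["ppid"]
    return None

def find_suspicious(lines):
    """Flag osascript runs whose owning third-party app already contacted a remote host."""
    procs, remotes, alerts = {}, {}, []
    for line in lines.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed telemetry instead of aborting the scan
        if ev.get("type") == "connect":
            remotes.setdefault(ev["pid"], []).append(ev["remote"])
        elif ev.get("type") == "exec":
            procs[ev["pid"]] = ev
            if ev["path"].endswith("/osascript"):
                app = owning_app(ev["ppid"], procs)
                if app and app["pid"] in remotes:
                    alerts.append({"app": app["path"], "osascript_pid": ev["pid"],
                                   "remotes": remotes[app["pid"]]})
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_EVENTS):
        print(alert)
```

Legitimate apps also run AppleScript after going online, so a hit from this rule is a reason to look closer at the app, not proof of infection.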
The North Korea connection
This malware is not a random act of cybercrime; it resembles tactics and techniques commonly associated with North Korean hackers. Experts have identified similarities between this malware and previous attacks linked to North Korea, including the use of specific coding methods and domains that the country's cyber teams are known to exploit.
The malware detected in North Korea appears to be in the testing phase, possibly indicating a future larger attack on financial systems or individuals worldwide.
The apps designed to look harmless were actually malware, suggesting a focus on social engineering, a technique North Korean hackers have employed in the past.
Hiding malware in apps that appear useful or fun increases the likelihood that someone will download and use the infected software. Although this specific malware has not yet been linked to active attacks, its connection to North Korea's cyber playbook suggests potential risks ahead.
5 tips to protect yourself from Mac malware
Use reliable antivirus software: Protect yourself from malicious links and malware by installing reliable antivirus software on all your devices to safeguard your private information. Don't click on random links, especially in emails or messages that claim to be urgent or demand updates. The best way to keep your personal data and digital assets safe is to use antivirus software that can warn you about phishing emails and ransomware scams.
Be cautious when downloading apps and links: Download apps only from reputable sources such as the Mac App Store or the official websites of established developers. Hackers frequently disguise malware as legitimate updates or harmless apps.
Ensuring your software is up to date is crucial for security reasons. Apple releases updates frequently to fix vulnerabilities, so enabling automatic updates is a hassle-free way to stay protected.
To safeguard your Mac from unauthorized access, use strong and unique passwords. Avoid reusing passwords across different accounts. A password manager can be incredibly helpful in generating and storing complex passwords, making them difficult for hackers to crack.
A password manager securely stores all your login credentials in one place, eliminating the need to remember them. By using a password manager, you reduce the risk of security breaches by minimizing the number of passwords you need to recall.
Activate two-factor authentication (2FA) for key accounts such as your Apple ID, email, and financial services to add an extra layer of security, making it much harder for attackers to access your accounts even if they have your password.
Kurt’s key takeaway
Malware is increasingly hiding in harmless apps, affecting all devices including those made by Apple. Hackers, including those backed by North Korea, are constantly finding new ways to trick users into downloading malicious software that can go unnoticed. It's crucial to stay vigilant and cautious when downloading and clicking on apps to avoid falling victim to these sophisticated attacks.
Copyright 2024 CyberGuy.com. All rights reserved.