Backdoor.MAC.Elanor malware for Mac enters the wild, can steal data, execute remote code, operate webcam
Date: Wednesday, July 6th, 2016, 07:18
Category: News, security, Software
Well, this’ll keep Apple’s security team busy for a while.
Recently, Bitdefender Labs found what might be the second example of true Mac malware to enter the wild. The application, dubbed “Backdoor.MAC.Elanor”, is available on a number of reputable download sites such as MacUpdate.
The backdoor is embedded into a fake file converter application that is accessible online on reputable sites offering Mac applications and software. The EasyDoc Converter.app poses as a drag-and-drop file converter, but has no real functionality – it simply downloads a malicious script.
Once installed, Backdoor.MAC.Elanor can perform functions such as stealing your data, controlling your webcam and executing remote code.
Malwarebytes director Thomas Reed has reportedly advised MacUpdate that the malware is present on its site, but as the time of writing it had not yet been removed.
Bitfender technical lead Tiberius Axinte offered the following comment as to Backdoor.MAC.Elanor’s abilities:
This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system. For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.
The good news is that the malicious app is not signed by an Apple Developer ID, so as long as you have your Mac set only to open apps from the Mac App Store or known developers, it won’t open. It does, though, emphasize the importance of exercising caution even when downloading apps from reputable sites.
Stay tuned for additional details as they become available.