GravityRAT's dangerous spyware is now attacking Macs as well. In the past, he attacked military targets

Spyware called GravityRAT, long known as one of the biggest dangers for Windows device users, is now also infecting MacOS. In its recent analysis, Kaspersky, a cyber security company, came up with a finding.

You might be interested

Newer Macs suffer from an unrecoverable security flaw

Mac

Dominik Zuna October 7, 2020 8

GravityRAT is classified as a virus that allows an attacker to access the infected device remotely. At the same time, they disguise themselves as commonly used applications, so the user often does not even suspect that something may be wrong with his phone or laptop. Thanks to this type of spyware, hackers can manipulate data on a given device, but also abuse some of its functionalities.

Photo gallery

<img src = "data: image / gif; base64, R0lGODlhAQABAIAAAAAAAP /// yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-src = "https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mave preferences-security-general-require-disable-dark.jpg "data-srcset =" https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-system-preferences-security-general -require-disable-dark-160×160.jpg 160w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-system-preferences-security-general-require-disable-dark- 255×255.jpg 255w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-system-preferences-security-general-require-disable-dark-255×150.jpg 255w, https: //www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-system-preferences-security-general-require-disable-dark-545×300.jpg 545w, https://www.letemsvetemapplem.eu /wp-content/uploads/2020/10/macos-mojave-system-preferences-security-general-require-disable-dark.jpg 1200w "data-sizes =" 150px " class = "lazyload portrait" title = "Security and Privacy Settings on Mac" alt = "Security and Privacy Settings on Mac" data-caption = "Security and Privacy Settings on Mac"> Security and Privacy Settings on Mac Security and Privacy Settings on Macu

<img src = "data: image / gif; base64, R0lGODlhAQABAIAAAAAAAP /// yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-src = "https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mave downloaded-from-internet-alert-dark.jpg "data-srcset =" https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-app-downloaded-from-internet-alert -dark-160×160.jpg 160w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-app-downloaded-from-internet-alert-dark-255×255.jpg 255w, https http://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-app-downloaded-from-internet-alert-dark-255×150.jpg 255w, https://www.letemsvetemapplem.eu/ wp-content / uploads / 2020/10 / macos-mojave-app-downloaded-from-internet-alert-dark-545×270.jpg 545w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10 /macos-mojave-app-downloaded-from-internet-alert-dark.jpg 962w "data-sizes =" 150px "class =" lazyload portrait "title =" Open application without notarization "alt =" Open application without notarization ce "data-caption =" Open application without notarization "> Open application without notarization Open application without notarization

<img src = "data: image / gif; base64, R0lGODlhAQABAIAAAAAAAP /// yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-src = "https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mave developer-alert-dark.jpg "data-srcset =" https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert-dark-160×160.jpg 160w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert-dark-255×255.jpg 255w, https://www.letemsvetemapplem.eu/wp-content /uploads/2020/10/macos-mojave-unidentified-developer-alert-dark-255×150.jpg 255w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified- developer-alert-dark-545×300.jpg 545w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert-dark.jpg 842w "data-sizes = "150px" class = "lazyload portrait" title = "Application Notification from Unknown Developer" alt = "Application Notification from Unknown Developer" data-cap tion = "Application notification from unknown developer"> Application notification from unknown developer Application notification from unknown developer

<img src = "data: image / gif; base64, R0lGODlhAQABAIAAAAAAAP /// yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-src = "https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mave developer-alert-open-dark.jpg "data-srcset =" https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert-open-dark-160×160 .jpg 160w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert-open-dark-255×255.jpg 255w, https: //www.letemsvetemapplem .eu / wp-content / uploads / 2020/10 / macos-mojave-unidentified-developer-alert-open-dark-255×150.jpg 255w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/ 10 / macos-mojave-unidentified-developer-alert-open-dark-545×300.jpg 545w, https://www.letemsvetemapplem.eu/wp-content/uploads/2020/10/macos-mojave-unidentified-developer-alert -open-dark.jpg 842w "data-sizes =" 150px "class =" lazyload portrait "title =" Application notification from unknown developer "alt =" Application notification o d unknown developer "data-caption =" Application notification from unknown developer "> Application notification from unknown developer Application notification from unknown developer
Enter the gallery

Specifically, GravityRAT was first identified in 2015 and during its existence has already caused problems both for users around the world and for a number of state and public institutions. In 2018, even the Indian Armed Forces fell victim to this spyware. What exactly can this virus do? According to previous findings, it allows attackers to find out information about the system of the infected device, currently running processes and applications, as well as search internal and external storage to steal contacts, emails, word, Excel and PowerPoint documents and other files in .pdf, .odt, .odp format. a .ods. In addition, this spyware provides an attacker with the ability to take screenshots, interfere with keyboard input, view communication on the input and output ports of the device, perform various system commands and in some of its versions even record audio.

It targets a variety of platforms

The renowned cybersecurity company Kaspersky has been working for a long time with the hypothesis that GravityRAT could penetrate platforms outside of Windows. Only now, however, did she come up with evidence that confirmed her previous suspicions. According to the latest findings, based on the analysis of the updated spyware code and the activities of the group involved in the development of this malicious software, GravityRAT is now penetrating other platforms, including MacOS and Android, under the guise of otherwise secure applications.

You might be interested

Apple's protection system failed. You can easily get infected with malware in macOS

Mac

Pavel Jelič September 1, 2020 12

Although Apple equips its Macs with robust virus protection in this category, and even when installing applications outside the official App Store, it verifies that these applications are always signed by a legitimate developer or publisher, previous GravityRAT analyzes have shown that hackers use stolen electronic signatures and licenses. Thus, dangerous spyware can take the form of any, otherwise trusted application. In practice, the most reliable way to protect your Mac from GravityRAT and other viruses of a similar type is to install applications only from trusted sources, ideally only from the Mac App Store. As a precaution, applications from unknown sources can be disabled in the Security and Privacy settings.

Source link

We will be happy to hear your thoughts

Leave a reply

Sharing is Awesome, Do It!

Share this post with your friends
close-link