Are you a security pro? Try our quiz!
Moke malware has wormed its way across from Windows and Linux and onto Mac OS X in the form of Backdoor.OSX.Mokes, threatening Apple’s operating system with malicious code.
Discovered by cyber security firm Kaspersky Labs back in January, the Moke family of malware can swipe all manner of data from an infected machine, such as key-strokes, documents, pictures and screenshots.
It also creates a backdoor into the operating systems to allow hackers to execute arbitrary commands on a targeted computer.
“After the discovery of the binaries for Linux and Windows systems, we have now finally come across the OS X version of Mokes.A. It is written in C++ using Qt, a cross-platform application framework, and is statically linked to OpenSSL.” explained Kaspersky security researcher Stefan Ortloff.
From there it can tamper with the system to make a connection to a command and control centre server through an HTTP connection on TCP port 80. Once a connection is established the hacker in control of the command server can setup backdoor features that allow for data to be stolen using techniques such as monitoring removable storage on the infected machine and scanning the file system for documents.
Tracking the source of a Moke attack is also particularly tricky as it uses strong AES-256-CBC encryption to effectively hide its activities and communicate with the command server.
Backdoors in Mac OS X are not as common as they are in Windows machines, but they appear to be increasingly uncovered by security researchers. Kaspersky did not detail how widespread the Moke malware or how much of a threat it poses to Macs, but the security firm assumes it is out “in-the-wild” in the same ‘packed’ form as its Linux variant.
Are you a security pro? Try our quiz!
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…