A piece of malware known as Snake that's existed on Windows for years is now showing up on MacOS. The malware involves a fake Adobe Flash Player installer that can get around MacOS' Gatekeeper feature. When present, it can add a backdoor to the OS' file system, enabling hackers to access protected files.
Snake circumvents Gatekeeper by using a valid developer certificate. Typically only legitimate apps have Gatekeeper certificates.
The malware appears to be targeted at large companies, government agencies, and military institutions. It might be coming from hackers based in Russia.
Apple is likely to respond by no longer accepting the developer certificate in question. This will limit its spread on MacOS since Gatekeeper will recognize the software as potentially dangerous.
0 Comments