A newly discovered security threat called ShadowVault works in the background of macOS to access logins, banking details, and more personal data. Cybersecurity firm Guardz has announced that it has discovered new malware designed to "steal sensitive data" in the background of macOS.
The malware, which is distributed using the Malware-as-a-Service model, can be purchased by other hackers to use in their attacks for the low price of $500 per month. Security researchers at Guardz first discovered ShadowVault on a popular dark web forum frequented by cybercriminals looking for malware to use in their attacks.
The CVE.report database that tracks vulnerabilities and exposures does not appear to have an entry for ShadowVault, and Apple has not commented on the malware. Coincidentally, Apple released an emergency Rapid Security Response update for macOS 13.4.1 (as well as iOS 16.5.1 and iPadOS 16.5.1) on Monday, but the update was pulled back after numerous reports of the update causing web-based applications to fail. However, the security notes of that update seem to indicate that the defect per day was not related to ShadowVault.
How to protect your mac from
Apple has protections built into macOS and the company releases security patches via OS updates, so it's important to install them as they become available. If Apple pulls back an update, as it did with macOS 13.4.1(a), the company will reissue it as soon as it's revised with fixes.
When downloading software, get it from a trusted source, such as the App Store (which performs security checks on its software) or directly from the developer. Macworld has several guides to help, including guidance on whether or not you need antivirus software, a list of Mac viruses, malware and trojans, and a comparison of Mac security software.
0 Comments