Apple is generally very good about providing its users with a safe and secure computing environment. For many years the company was able to rightly claim that Microsoft had a far worse problem with malware than Apple did. That is still true but the gap has now virtually disappeared. As Apple products surged in popularity hackers took note and began finding ways around Apple's impressive security measures.
Researchers at Trend Micro have recently discovered a malware strain they've dubbed XCSSET which is especially good at bypassing Apple's security measures.
Most applications are run in an Apple Sandbox so that their ability to gain access to system information or compromise a component in some way is sorely limited. Hackers have discovered at least a partial workaround that gives them access to some of a user's sensitive data where certain apps are concerned.
XCSSET works by creating a simple text file on a victim's computer.
This text file is keyed to certain apps, including:
- Telegram
- Google Chrome
- Contacts
- Opera
- Skype
- Evernote
- And others
The text file is created in the sandbox and simply logs everything that happens in it. All a hacker needs to do to gain access to a user's Telegram account is to copy and paste the log file onto their own computer and all of the relevant login information is right there.
The same holds true for all of the software listed above. Note too that in the case of Google the log file will contain any passwords that Chrome saves inside the browser. If you use Chrome as your primary browser and log into your bank, make credit card payments, and the like, then all of those accounts would be at risk.
XCSSET is a genuine threat. Stay on your guard against it and make sure your employees are aware of the risks.
About the Author
Marty Parker
Owner & CEO
Marty is the Owner & CEO of Heritage Digital. With over 30 years of experience in building and leading top-notch IT teams, Marty has a rich background in both the manufacturing and healthcare sectors. He spent 13 years in each industry before taking the helm at Heritage Digital. Before leading Heritage Digital, he served as the CIO of Carolinas Hospital System (now MUSC Health Florence Medical Center). Marty is dedicated to educating and safeguarding people from cyber threats.
