Macs continue to be targeted by some of the same Russian spies blamed for hacking into the Democratic National Committee servers in 2016, but now they apparently have newer tools that target iPhones as well.
This is according to the team at Bitdefender Labs, which announced in a blog post yesterday (Feb. 14) that it had found a new sample of Komplex. This tool is commonly attributed to the Sofacy group of Russian military intelligence, also known as APT28, also known as Pawn Storm, also known as Fancy Bear.
Once Komplex lands inside a Mac (previous instances used targeted spear-phishing attacks), it sends data back to HQ using a network of command-and-control servers that impersonate Apple websites. After checking for antivirus software to see if the coast is clear, it spawns infinitely looping communication threads that send system information, desktop screenshots, browser-saved passwords and even locally stored iPhone backups back to its home base.
So what should you do?
Be wary of clicking on links and opening attachments in unsolicited emails, even if they appear to come from friends or co-workers. Install and run Mac antivirus software that scans email attachments. Komplex and similar Trojans can be hidden in any kind of file, including PDFs and images.
The average citizen, though, shouldn't be looking out for this specific attack. This new flavor of Komplex will likely target journalists, politicians, think-tank staffers and military personnel, those with trade secrets that spies are looking to pilfer.