Threat Management, Malware, Security Strategy, Plan, Budget

MacSpy: free malware-as-a-service hits Mac OS

Cybercriminals once again upped the ante with what is advertised as the "most sophisticated Mac spyware ever” to show users no one is safe with the latest malware targeting Mac OS systems.

Dubbed, MacSpy, AlienVault researchers spotted one of the first seen malware-as-a-service (MaaS) designed for the OSX platform, according to a June 9 blog post.

At the low price of free, the malware packs quite a bang for the buck with a list of features that claim to offer no digital trace of the threat actor, screen capture, key logging, iCloud syncing, be invisible to the victim, continuous voice recording, pasteboard, and browser data retrieval services.

Threat actors also have the option to upgrade to premium features which include the ability to adjust capture and record intervals remotely, retrieve any file or data, encrypt the entire directory within a few seconds, disguise the program as a legitimate file format, receive a daily zip or all files collected in the day, access to emails and social networking accounts, code sign, and the most recent stable releases, all for an undisclosed amount of Bitcoin.

The MaaS doesn't appear to offer any customer facing automated services for signing up for the malware however, as users must email the author of the malware to receive a copy of MacSpy. The author instructs the user to download the malware via Tor and manually uploaded onto the target's Mac.

There isn't any evidence that the malware is exploiting any particular vulnerabilities, AlienVault Security Researcher Peter Ewane told SC Media.

“Currently it relies more on the “attacker” having physical access to the system, or tricking the user into running the executable,” Ewane said. “Users can take the usual advice of don't execute programs delivered to them over email unrequested, lock your computer when not using it, etc”

Ewane said the malware lowers the technical expertise needed to create and spread malware by creating and hosting all the vital infrastructure for customers.

“The most surprising thing about these findings was that the malware authors were willing to invest a significant amount of time setting up their infrastructure and making everything user friendly” Ewane said. “I believe the sophistication of Mac malware related services is only going to increase along with Mac market share.”


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.