07.28.2021 02:38 pm

This program is bad: XCSSET. This one is good: Acronis True Image.

In our previous post we looked at how many Mac users wrongly believe that they are immune to malware simply due to their choice of platform. Today we are going to focus on a very specific threat and show, of course, how you can provide effective protection against it.

A piece of malware with many nasty features

In 2020 a new piece of malware appeared that was specifically aimed at macOS Big Sur. It has a whole range of menacing capabilities and has recently sprung back into life. The software, clumsily named XCSSET, seems to target mainly developers, plausibly so that it can spread rapidly via their infected programs. XCSSET employs the latest generation of backdoor and browser hijacking functions in order to access passwords for Apple ID, PayPal, Google and other sensitive accounts. The software also attempts to get hold of credit card information, and it infiltrates websites in order to manipulate payment flows through fake addresses for cryptocurrencies such as Bitcoin, Ethereum, Litecoin and Tether.

But that’s not all. XCSSET is also able to extract data from apps such as Evernote, Skype, Telegram and Apple Notes and to take screenshots without the user noticing.

To do this, XCSSET exploits two Safari vulnerabilities: first, it is able to steal browser cookies and the login data stored there; second, the malware can evidently manipulate sessions' status codes.

The in-built protection is insufficient

Now it is true that macOS has a so-called Gatekeeper called XProtect which seeks to prevent infected programs from being downloaded. However, this depends on Apple actively adding the malware to a database, which does not always happen completely or quickly.

Real protection is only provided by specialist anti-malware solutions that analyse processes and threads in real time and issue alerts immediately when any suspicious activity is identified. The latest examples of these make use of artificial intelligence and as a result their detection rates have risen to new levels.

Only one program provides it all

One global, unique solution goes even further: Acronis True Image 2021 combines the most advanced anti-malware protection with an extensive range of backup functionalities that can be managed intuitively, so that users are fully protected against particularly nasty threats such as XCSSET and have no need to worry about the integrity of their sensitive data.

It goes without saying, however, that users are still strongly advised to keep their systems up to date with the latest versions of operating systems and software, and to be very careful about clicking on downloads or links.