Remember way back in the year 2016, when Russian hackers leaked a bunch of emails from John Podesta to Hillary Clinton, and people found out all sorts of things about her speeches and her connections to Goldman Sachs that are still being used as ammunition against her?
The hackers are called APT28. Or Fancy Bear. Or Sofacy. Whatever name they’re going by these days, it seems they’re back, this time targeting Mac computers with backdoor malware that gives them access to everything from users’ passwords and screenshots to iPhone backups, which could include photos and all sorts of other sensitive data.
This isn’t a virus, mind you—it’s what’s called Xagent malware. Basically, it spoofs other internet domains, making users think that they’re entering their passwords and other critical data in a safe zone, when in actuality they’re giving up that data to hackers and even potentially installing software that silently runs in the background, leaving the computer open to anyone who has access (in this case, the Russian hackers).
It’s rare for Mac computers to run into such problems, since the Unix-based OS X operating system is generally safe from viruses as compared to Windows. In this case, however, the hackers are tricking unsuspecting users into installing software and giving up passwords.
The malware was discovered by Romanian cybersecurity firm Bitdefender, who had this to say about the new threat:
“Currently we don’t know what are the targeted organizations, but the links to the APT28 cybercrime group are obvious: The use of the same dropper/downloader and similar command and control center URLs, as well as some artifacts hardcoded in the binary files,” they told CNET.
So far, Apple is silent on the issue.