The backdoor is apparently being hidden away in a phony file converter utility that’s being distributed via major sites like MacUpdate, according to a report from 9to5Mac. EasyDoc Converter purports to be a legitimate piece of software, but offers no functionality beyond downloading the backdoor.
MacUpdate has now been alerted to the issue, and has removed download links to the utility and delisted it from its search results. However, EasyDoc Converter is likely hosted on scores of different websites, and there could potentially be plenty of other fake pieces of software serving to distribute the backdoor.
Backdoor.MAC.Elanor could potentially be used to facilitate all manner of attacks on a victim’s computer. A hacker could use the backdoor in conjunction with other techniques to execute attacks ranging from data theft to a complete takeover of the system’s webcam.
Fortunately, the malicious app is not signed with an Apple Developer ID, which should make it easier for Mac users to avoid the backdoor. So long as your computer’s settings stipulate that it will only open apps from the App Store or from known developers, it shouldn’t be able to open.
However, there’s an important lesson about security to be learned here. There was a time when Macs weren’t considered to be at risk of malware attacks to the same extent that PCs are — evidently, that is no longer the case.
Editors' Recommendations
- CCleaner downloads are found to be infected with malware, affecting millions
- Snake, the latest MacOS malware, makes its way over from Windows
- Google is improving its Safe Browsing features to protect MacOS users
- Malwarebytes finds the ‘first Mac malware of 2017,’ and Apple calls it ‘Fruitfly’
- Malware allows attackers to silently steal webcam video from your Mac, expert says
