A new piece of malware targeting Macs has been found in the wild, following hot on the heels of the first piece of ransomware for the platform, which was unearthed earlier this year. The malware is being referred to as Backdoor.MAC.Elanor, and it provides further evidence that Macs aren’t as impervious to attack as they were once assumed to be.
The backdoor is apparently being hidden away in a phony file converter utility that’s being distributed via major sites like MacUpdate, according to a report from 9to5Mac. EasyDoc Converter purports to be a legitimate piece of software, but offers no functionality beyond downloading the backdoor.
MacUpdate has now been alerted to the issue, and has removed download links to the utility and delisted it from its search results. However, EasyDoc Converter is likely hosted on scores of different websites, and there could potentially be plenty of other fake pieces of software serving to distribute the backdoor.
Backdoor.MAC.Elanor could potentially be used to facilitate all manner of attacks on a victim’s computer. A hacker could use the backdoor in conjunction with other techniques to execute attacks ranging from data theft to a complete takeover of the system’s webcam.
Fortunately, the malicious app is not signed with an Apple Developer ID, which should make it easier for Mac users to avoid the backdoor. So long as your computer’s settings stipulate that it will only open apps from the App Store or from known developers, it shouldn’t be able to open.
However, there’s an important lesson about security to be learned here. There was a time when Macs weren’t considered to be at risk of malware attacks to the same extent that PCs are — evidently, that is no longer the case.
