Snake, the latest MacOS malware, makes its way over from Windows

The idea that MacOS does not suffer from the same malware threats as Windows is increasingly going out the window. Some of the same kinds of attacks are making their way over from Windows.

One recently discovered example of a cross-platform attack is a fake Adobe Flash Player installer that bypasses the Gatekeeper feature introduced in MacOS Lion. Dubbed “Snake,” the malware injects malicious backdoor files into the MacOS file system, makes them persistent, and then uses them to access and pass along sensitive materials, the Fox-IT blog reports.

Gatekeeper uses a certificate-based system to differentiate between apps installed from the presumably secure Mac App Store and apps that users might want to install from outside that walled garden. If an application has a legitimate Gatekeeper certificate, the theory goes, then users can trust that the app is safe. Snake leverages this system by using a valid developer certificate that is likely stolen from a legitimate developer.

According to Fox-IT, Snake could be tied to Russian hackers and is highly targeted at government and military institutions and large companies. It has been around on Windows for years and a version was ported to Linux in 2014. Now, the malware can infect MacOS machines using essentially the same framework that Fox-IT describes as “significantly more sophisticated, its infrastructure more complex and targets more carefully selected.”

Interestingly, Snake does actually install the Adobe Flash Player, but at the same time it installs backdoor code that is kept persistent through Apple’s LaunchDaemon service. It arrives in a Zip file called “Adobe Flash Player.app.zip” and appears valid to the user.

Fox-IT notified Apple about the compromised certificate and it is likely Apple’s security team will have revoked it within the Gatekeeper system. That means it will no longer make its way through Gatekeeper as if it were a legitimate Mac App Store application and should be more difficult to spread for users who make use of Gatekeeper’s protections.

More than anything, Snake serves as a reminder that MacOS users should maintain the same diligence as users of other operating systems. Keep Gatekeeper turned on and fully enabled, only install applications from known sources, and utilize anti-malware software to keep your systems monitored and periodically scanned. Apple might like to poke fun at Windows for its allegedly less secure nature, but the reality is that nobody is completely safe from attack.
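Because the backdoor described above stays resident through a LaunchDaemon and arrived with a valid signature, reviewing what launchd is configured to start is a useful check alongside Gatekeeper. The following is an added example, not code from Fox-IT or from this article: a Python audit of launchd job files in which the directory list, the "expected" path prefixes and the sample job are all assumptions constructed for illustration.

```python
import plistlib
from pathlib import Path

# Assumption: directories where third-party launchd jobs are registered.
LAUNCH_DIRS = ["/Library/LaunchDaemons", "/Library/LaunchAgents"]
# Assumption: prefixes this audit treats as expected homes for job binaries.
EXPECTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/",
                     "/Applications/", "/Library/PrivilegedHelperTools/")

def audit_job(data: bytes) -> dict:
    """Parse one launchd job plist (XML or binary) and report what it runs."""
    job = plistlib.loads(data)
    args = job.get("ProgramArguments") or []
    program = job.get("Program") or (args[0] if args else "")
    autostart = bool(job.get("RunAtLoad")) or bool(job.get("KeepAlive"))
    reasons = []
    if not program:
        reasons.append("no program path")
    elif not program.startswith(EXPECTED_PREFIXES):
        reasons.append("program outside expected locations")
    if any(part.startswith(".") for part in Path(program).parts[1:]):
        reasons.append("hidden path component")
    return {"label": job.get("Label", ""), "program": program,
            "autostart": autostart, "reasons": reasons}

def audit_dirs(dirs=LAUNCH_DIRS):
    findings = []
    for d in dirs:
        for path in sorted(Path(d).glob("*.plist")):
            try:
                result = audit_job(path.read_bytes())
            except Exception as exc:  # unreadable or malformed job file: review by hand
                result = {"label": "", "program": "", "autostart": False,
                          "reasons": [f"unparseable: {exc}"]}
            if result["reasons"]:
                findings.append((str(path), result))
    return findings

# Constructed sample job (not taken from the Snake sample).
SAMPLE = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/Users/Shared/.cache/updater", "--daemon"],
    "RunAtLoad": True, "KeepAlive": True,
})

if __name__ == "__main__":
    print(audit_job(SAMPLE))
    for path, result in audit_dirs():
        print(path, result)
```

On a Mac, each reported program can then be examined with `codesign -dv` and `spctl --assess`; as the Snake case shows, a valid signature identifies the signer but does not by itself make the binary trustworthy.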

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…