Cyber Threats to Mac Computers on the Rise
For Mac users, a new cyber security threat is on the horizon. A tool called ‘Geacon’, used by hackers to gain unauthorised access to computers, is becoming more popular. This tool is a version of ‘Cobalt Strike’, another tool hackers have used for a long time to target Windows computers. But now, they’re using Geacon to focus on Macs.
SentinelOne, discovered this increase in threats after noticing more and more Geacon attacks appearing on a site called VirusTotal, which is used to spot and analyse suspicious files. Some of these attacks were just tests, but others were real attempts by hackers to gain access to computers. SentinelOne has found two recent examples of these Mac based attacks;
1: A file called ‘Xu Yiqing’s Resume_20230320.app’, discovered on 5th April. It looked like a simple resume, but it was actually a program designed to download a Geacon attack onto a Mac computer. Once downloaded, the Geacon attack could carry out various tasks, including accessing the internet, encrypting and decrypting data, downloading more attacks, and stealing data.
2: A file pretending to be SecureLink (a popular app for secure remote support), discovered on 11th April, was designed to ask for access to many of the computer’s features, like the camera, microphone, and other data. Once granted access, it could steal this information.
Whilst attacks on macOS based systems are less common than those on Windows, they do happen. Our Endpoint Detection & Response solution is designed to protect businesses from exactly these types of attacks and is already securing our customers from these Geacon attacks. EDR uses advanced Artificial Intelligence (AI) and Machine Learning to monitor your endpoints (including macOS devices) for unusual, suspicious or malicious files or activity and block it in its tracks, keeping your users and your business safe.
Latest News Stories
U.S. Energy Department and Other Agencies Compromised in MOVEit Cyber Attack
Several U.S. government agencies, including the U.S. Energy Department, have announced that they are among the businesses who have fallen victim to the MOVEit Cyber Attack. Officials reported on Thursday June 15th that data was compromised at two entities within the...
Pharmaceutical Companies Data Reportedly Stolen in Ransomware Attack
The Russia-linked ransomware group LockBit has claimed responsibility of a Cyber Attack which they launched on the Indian pharmaceutical company Granules India, as proof of the attack they have revealed segments of the supposedly stolen data. The presence of Granules...
Major Australian Law Firm Suffers Cyber Attack: Dark Web Leak Threatens Government Data
After a recent & significant escalation of cyber criminal activity in Australia, Russian-linked threat actors, known as the AlphV ransomware gang or "Blackcat", have targeted the major Australian law firm HWL Ebsworth. On the June 8th, the group claimed to have...
Our Customers
Testimonials
Annette, Blastcom
Ryan was very helpful and sorted out the problem for me.
Ackroyd & Abbott
The problems get sorted quickly as possible and the staff are friendly and helpful.
Sarah, CPP
Excellent service thank you for doing this out of hours!