Cyber Threats to Mac Computers on the Rise
For Mac users, a new cyber security threat is on the horizon. A tool called ‘Geacon’, used by hackers to gain unauthorised access to computers, is becoming more popular. This tool is a version of ‘Cobalt Strike’, another tool hackers have used for a long time to target Windows computers. But now, they’re using Geacon to focus on Macs.
SentinelOne, discovered this increase in threats after noticing more and more Geacon attacks appearing on a site called VirusTotal, which is used to spot and analyse suspicious files. Some of these attacks were just tests, but others were real attempts by hackers to gain access to computers. SentinelOne has found two recent examples of these Mac based attacks;
1: A file called ‘Xu Yiqing’s Resume_20230320.app’, discovered on 5th April. It looked like a simple resume, but it was actually a program designed to download a Geacon attack onto a Mac computer. Once downloaded, the Geacon attack could carry out various tasks, including accessing the internet, encrypting and decrypting data, downloading more attacks, and stealing data.
2: A file pretending to be SecureLink (a popular app for secure remote support), discovered on 11th April, was designed to ask for access to many of the computer’s features, like the camera, microphone, and other data. Once granted access, it could steal this information.
Whilst attacks on macOS based systems are less common than those on Windows, they do happen. Our Endpoint Detection & Response solution is designed to protect businesses from exactly these types of attacks and is already securing our customers from these Geacon attacks. EDR uses advanced Artificial Intelligence (AI) and Machine Learning to monitor your endpoints (including macOS devices) for unusual, suspicious or malicious files or activity and block it in its tracks, keeping your users and your business safe.
Latest News Stories
How did the MOVEit Cyber Security Breach Target so many Business?
We have recently posted a few article about the MOVEit Cyber Security Breach which has effected thousands of customers, and hundres of thousands of individuals around the world, including; British Airways, Transport for London, the BBC, Boots, Minnesota Department of...
Reddit Hackers Threaten to Release Stolen Data Unless API Changes Reversed
The BlackCat ransomware criminal group, also known by the alias ALPHV, has demanded a $4.5 million ransom and the revocation of planned API pricing changes from Reddit. The group has warned that failure to meet their demands will result in the publication of 80GB of...
U.S. Energy Department and Other Agencies Compromised in MOVEit Cyber Attack
Several U.S. government agencies, including the U.S. Energy Department, have announced that they are among the businesses who have fallen victim to the MOVEit Cyber Attack. Officials reported on Thursday June 15th that data was compromised at two entities within the...
Our Customers
Testimonials
Denise Hardman, Ward Power Ltd
Easy to communicate with . Good response time.
Emily Laycock, CFS Formations
Very friendly and helpful over the telephone. Engineers worked fast to fix our issues.
Jeanette, Principle Support Ltd
One2Call staff are very helpful and friendly and they do have a fast turnaround with our enquiries. Thank you very much.