Researchers at Bitdefender Labs found a sample of a Mac-native version of the malware linked to Russian threat group APT28, the government-linked hackers who took down the DNC. It allows them to obtain passwords, capture screenshots, and even steal iPhone backups stored on an infected Mac.
“The analysis reveals the presence of modules that can probe the system for hardware and software configurations, grab a list of running processes and run additional files, as well as get desktop screenshots and harvest browser passwords,” the Bitdefender Labs report reads. “The most important module, from an intelligence-gathering perspective, is the one that allows the operator(s) to infiltrate iPhone backups stored on a compromised Mac.”
The research group believes the Mac sample is linked to the APT28 group because of its similarities to the Xagent malware agent found in the Windows/Linux attack. It says the presence of similar modules, like FileSystem, KeyLogger, and RemoteShell, also suggests the malware comes from the same group.
It also says the malware reports to the same command-and-control URL used by APT28 for its other ‘Komplex’ malware tool.
We don’t know much else about the malicious software. Bitdefender Labs is still analyzing the modules it found in the malware and plans to release a full report soon.
In the meantime, do yourself a favor and install some antivirus software.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.