Security researchers have discovered a new macOS spyware that exploits already patched vulnerabilities to bypass protections built into macOS. The discovery highlights the importance of keeping the operating system updated.
CloudMensis, the previously unknown spyware discovered by researchers at ESET, exclusively uses public cloud storage services such as pCloud, Dropbox and others to communicate with the attackers and exfiltrate files. Worryingly, it exploits a plethora of vulnerabilities to bypass macOS’s built-in protections and steal your files.
"Its capabilities clearly show that the operators' intention is to gather information from victims' Macs by exfiltrating documents, keystrokes and screenshots," wrote ESET researcher Marc-Etienne M. Léveillé. "The exploitation of vulnerabilities to bypass macOS mitigations shows that the malware operators are actively trying to maximize the success of their espionage operations."
ESET researchers first discovered the new malware in April 2022 and realized that it could attack both older Intel-based Macs and newer Macs with Apple silicon.