Security News
Security News
  • ESET researchers discovered a previously unknown macOS backdoor that spies on users of compromised Macs.
  • ESET has named the malware CloudMensis because it uses cloud storage services to communicate with the operators and uses the names of months as directory names.
  • This macOS malware uses cloud storage as its Command and Control channel, supporting three different providers: pCloud, Yandex Disk, and Dropbox.
  • CloudMensis can issue 39 commands, including exfiltrating documents, keystrokes, and screen captures, from compromised Macs.
  • Metadata from the cloud storage services used reveal that the first Mac compromised by this recent campaign was on February 4, 2022.
  • The very limited distribution of CloudMensis suggests that it is used as part of a targeted operation.
  • More On :