Security firm Guardz has revealed new malware that can be used by hackers to remotely gain control of an insecure Mac. In a blog post, Guardz explains how a threat agent has offered the tool on a Russian cybercrime forum since April 2023.
The malware is an HVNC (Hidden Virtual Network Computing) utility. It is similar to VNC (Virtual Network Computing), a legitimate tool often used to remotely control another computer over a network or the internet. For example, a company with an IT department may use VNC to troubleshoot an employee’s computer, and the employee can see that the computer is being accessed. With an HVNC, however, the access is hidden from the target user, which is why a threat agent would use an HVNC for nefarious purposes.
The HVNC is being sold on a Russian cybercrime forum called Exploit. The threat agent is offering the HVNC for a “lifetime price of $60,000,” and for an additional $20,000, the buyer can get “more malicious capabilities to the arsenal.” Apparently, the HVNC malware can run on the target Mac without user permission and has been tested on macOS from version 10 to 13.2. (The current version, which was released last week, is macOS Ventura 13.5.)
Guardz did not report on any instances of the HVNC being spotted in the wild. The CVE.report database that tracks vulnerabilities and exposures does not appear to have an entry for the HVNC malware, and Apple has not made a public comment.
How to protect yourself from malware
Users aren’t defenseless against malware attacks and can protect themselves. The first thing to do is to update to the latest version of macOS whenever possible. Apple has protections in place within macOS and the company releases security patches through OS updates, so it’s important to install them when they are available.
If you are not running macOS Ventura 13.5 and you are running an older version of macOS such as Monterey or Big Sur, it’s still important to look for macOS updates. Apple has been releasing security updates for those two operating systems; for example, on July 24, Apple released Monterey 12.6.8 and Big Sur 11.7.9, both of which were security updates.
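As an added example (not part of the original article or of Guardz's report), this shell script compares a macOS version string against the security releases named above: 13.5, 12.6.8 and 11.7.9. The function names are hypothetical, and the baselines are only the ones this article lists, so they need updating as Apple ships newer releases.

```sh
#!/bin/sh
# Baselines are the releases named in the article; anything newer from Apple
# supersedes them. Function names here are hypothetical.
baseline_for_major() {
    case "$1" in
        13) echo "13.5" ;;     # Ventura
        12) echo "12.6.8" ;;   # Monterey
        11) echo "11.7.9" ;;   # Big Sur
        *)  return 1 ;;        # no baseline given in the article
    esac
}

# version_ge A B: succeed when dotted version A >= B.
# Fields are compared numerically (so 11.7.10 > 11.7.9); missing fields count as 0.
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# check_macos VERSION: print "current", "outdated" or "no-baseline".
check_macos() {
    v=$1
    base=$(baseline_for_major "${v%%.*}") || { echo "no-baseline"; return 0; }
    if version_ge "$v" "$base"; then
        echo "current"
    else
        echo "outdated"
    fi
}

# Report on this machine when sw_vers exists (it is absent on non-Mac systems).
if command -v sw_vers >/dev/null 2>&1; then
    check_macos "$(sw_vers -productVersion)"
fi
```

A result of "no-baseline" means the article names no security release for that major version, not that the system is safe.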
The other way to protect yourself is to download software only from trusted sources, such as the App Store (which makes security checks of its software) or directly from the developer. Malware is often disguised as legitimate software and is distributed through email or on the web through forums and software sites that are not vigilant about security.
Macworld has several guides to help, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and trojans, and a comparison of Mac security software.