Up until this year, Mac users never had to worry about malware infecting their computers, but it appears that hackers have finally caught up with the platform. Originally discovered by Bitdefender, Backdoor.MAC.Eleanor is the name of a new piece of malware that creates a backdoor through which an attacker can gain access to the control-and-command center from the outside.
As Malwarebytes explains, the malware was available through MacUpdate (and other reputable sources) as a seemingly innocent piece of software called EasyDoc Converter. The app was described as a “fast and simple file converter for OS X,” but running the app would install the Eleanor malware on your machine.
“This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system,” says Tiberius Axinte, Technical Leader, Bitdefender Antimalware Lab. “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.”
There is some good news — the app was never signed with a certificate from Apple, and by default, Mac OS X won’t open any unsigned apps. On the other hand, Apple can’t revoke EasyDoc’s certificate, because it never received one.
You can read more about the specifics of how the malware works on Bitdefender’s blog, but the important takeaway here is that Mac’s are vulnerable to malware. Be careful when downloading files from anywhere on the Internet, and use Gatekeeper to keep yourself safe from potentially dangerous software.