Cybersecurity experts at Guardz discovered a hidden VNC-class program for sale that gives its operator full access to computers running Apple macOS; it is said to steal personal information and credentials. As a guarantee of the program’s performance, the hackers placed a $100,000 deposit on the shady site.
The remote access system VNC (Virtual Network Computing) is used by technical support services. It allows support staff to control users’ computers. However, users have to give permission to run the program, and they usually see what the specialist is doing. There is also a hidden variant of this system, HVNC (Hidden VNC), which gives the remote operator the same capabilities but does not require permission and does not let the owner of the machine see what is being done.
The tool offered on the underground resource is sold with a lifetime “license” for $60,000. It includes a reverse shell and a remote file manager, and it has been tested on computers running macOS 10 to 13.2. As a guarantee of its effectiveness, the developers of the malware placed a $100,000 deposit in an escrow account held by the hacking resource’s administration.
As a protective measure, Apple computer owners are advised to update their software regularly: the malware works on computers running macOS versions earlier than Ventura 13.2, while the current version of the platform is 13.4.1. If you are unable to install the latest version of macOS, we recommend that you do not install programs from unknown sources, limit yourself to the Mac App Store, do not open attachments in suspicious emails, and do not follow suspicious links.