'Ancient' Mac backdoor discovered that targets medical research firms

Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities. The malware was probably created years ago but has only recently been discovered. Malwarebytes speculates that it wasn't found before because it was only ever used in targeted attacks, limiting …

  1. Stevie

    Bah!

    So sorry, all Medical Macsnob data are belong to People's Data Pool.

    1. macjules

      Re: Bah!

      And how much more legacy cr*p is there floating around from OS9 then? Not even thinking about how many classes and methods with the "NS" prefix (NeXT and Sun) that you can still find in Cocoa.

      1. Anonymous Coward

        Re: Bah!

        The NS prefix is for NeXTSTEP.

        Sun entered the picture after the names had started to migrate from a mix of NX and no prefix to an NS prefix - it just so happened that it worked out well, naming wise with NeXTSTEP and SUN

        1. stu 4

          Re: Bah!

          "Sun entered the picture after the names had started to migrate from a mix of NX and no prefix to an NS prefix - it just so happened that it worked out well, naming wise with NeXTSTEP and SUN"

          You sure about that? I was full-time NeXTSTEP at that time; I think we moved to NS with OpenStep.

          OpenStep ran on NeXT, Sun, Windows, etc.

          I think we used NS* for all OpenStep stuff.

          And since that IS OS X basically, it makes sense it's still there.

  2. Your alien overlord - fear me

    "In addition, the binary also includes the open-source libjpeg code, which was last updated in 1998."

    So it would have been written after 1998 then.

    1. joea

      Does not necessarily follow, unless the included code IS the last updated version. The statement is not clear on that point, to my eye.

  3. Anonymous Coward

    Quimitchin

    Quim itchin ?

    Really?

    1. Gideon 1

      Re: Quimitchin

      "Quimitchin" were Aztec spies, apparently, though it could be just another hilarious Wikipedia hoax.

    2. Sweep

      Re: Quimitchin

      Who put sand in their vaginas?

      1. Simon Harris

        Re: Quimitchin

        It says it's a backdoor attack...

        wouldn't that be more of a front door?

      2. Anonymous Coward

        Re: Quimitchin

        I have heard Trump has hired Quimitchin to spy on Hillary Clinton's Huma!

  4. CAPS LOCK

    A backdoor in what exactly?

    The operating system code? A bundled application? I find this level of vagueness suspicious.

    1. Frank Bitterlich

      Re: A backdoor in what exactly?

      I'd rather call it remote access malware - it opens up a backdoor in your OS once it's installed.

      The infection vector is not known yet, as far as I understand it.

      It could very well be the payload of a standard trojan, I think.

      1. Anonymous Coward

        Re: A backdoor in what exactly?

        Sounds like they don't know, as this is just generic code running. So, it appears to be a backdoor that was installed, which isn't a backdoor at all, but just an exploitative program.

        As far as age, from source...

        "Further, there is a comment in the code in the macsvc file that indicates that a change was made for Yosemite (Mac OS X 10.10), which was released in October of 2014."

        I'm not sure what all the fuss is, especially considering it runs as user.

    2. Dan 55

      Re: A backdoor in what exactly?

      It's a userland shell script which runs on MacOS and Linux and does different things depending on which OS it's running on to autorun on login and capture the screen.

      There is no backdoor.

      1. Anonymous Coward

        Re: A backdoor in what exactly?

        This malware is definitely a 'backdoor' in "hacker-speak".

        It's called a backdoor regardless of whether it sneaks in with some other software or is installed after compromising the host.

        'Malware' would traditionally imply that it's mass distributed, not targeted, though it's not an exact term.

        Not all 'malware' opens a 'backdoor' either. For example, something that only encrypts your disk and demands ransom without including any remote control functionality. Or more traditional viruses and similar.

  5. wolfetone

    "More secure than PC? Ha!"

    Careful, the Jobsian cult will be after you for such blasphemy.

    1. Anonymous Coward

      Re: "More secure than PC? Ha!"

      The fact that this is at all newsworthy (compared to the uncountable hordes of Windows malware) tells you something.

      1. wolfetone

        Re: "More secure than PC? Ha!"

        There's more to a PC than Windows.

      2. jtaylor

        Re: "More secure than PC? Ha!"

        Ah, I remember when PC stood for Personal Computer. (What does it stand for now?)

        I'm unconvinced that Macs transcend personal computing.

        But yeah, seems like standard userland malware.

      3. JLV

        Re: "More secure than PC? Ha!"

        > Careful, the Jobsian cult will be after you for such blasphemy.

        Oh, I agree. Remember Mac Defender? "AppleCare employees were told not to assist callers in removing the software." (Wikipedia quote, true, but it was also all over the news at the time). Macs are more secure, due to their 'nix underpinnings, but Apple has sometimes been lackadaisical when it comes to security. They do seem to be getting a bit better. I guess they've figured out the ostrich defense doesn't look so good after all.

        >The fact that this is at all newsworthy (compared to the uncountable hordes of Windows malware) tells you something.

        True enough, but no reason to get all complacent either. I know I am always interested in Linux/OSX malware to get a sense of the risk for us non-Windows users.

        Any recommendations for a good Mac AV/malware scanner? I've used Sophos and it was a real hog, always sucking up CPU for live scans. I am more interested in something that I can launch when I want, for example on a download. Not something that acts like a junior McAfee by being on alert all the time. Malwarebyte?

        IMHO, the problem with Mac/Linux AVs is that they are a bit like the SWAT team in Luxembourg. Sure, they can talk the talk and look tough. But they've seen so little action that it's hard to know how they will react when the shit hits the fan. So it's not sure if their donut bill is worth it.

        1. Anonymous Coward

          Re: "More secure than PC? Ha!"

          "SWAT team in Luxembourg"

          HA! That's worthy of many upvotes.

          Help! I think I'm having a vulns in my A/UX!

          https://en.wikipedia.org/wiki/A/UX

          Oh, never mind, I was just missing one of the fifty floppy disks needed to install it. :)

          This is also reminding me to hurry up and play with the lime green 333MHz G3 iMac I have sitting on my kitchen table so I can get to the next project which probably has some RPi gear needing the space.

          Last time I got a computer malware, for real, was in 1988. I copied some games, Crystal Quest you guys!, from my girlfriend's work computer and caught it bad. Fortunately, I just copied some cleaning software from my work and all was right with the world. Gosh, I miss that girlfriend's cat. Mr Gnome was quite a guy.

          Macs. They used to smile at you, you know.

        2. TVU

          Re: "More secure than PC? Ha!"

          "Any recommendations for a good Mac AV/malware scanner? I've used Sophos and it was a real hog, always sucking up CPU for live scans."

          I'd suggest looking at Bitdefender Antivirus for Mac and see how you get on with it.

          1. Anonymous Coward

            Re: "More secure than PC? Ha!"

            The last time I lost any work - on any system - was on Vista. It wasn't due to a virus, but to Vista restarting *my* laptop after I'd left it to render some raytraced images overnight.

            I lost work because Vista wanted to restart itself to install updates to prevent some virus from making me lose any work. (Did I get that right?)

            So yeah, I'd have rather been using OSX back then. Except said CAD software wasn't then available for OSX or Linux (though it's a bit better now). At the time, I was also envious of my boss for the way his G4 Mac Pro woke from sleep instantly the moment he brushed its mouse when he popped in the office.

  6. Disk0

    one person's malware

    is another person's remote support tool...

    1. Anonymous South African Coward

      Re: one person's malware

      Quite.

      Some well-known apps (Ultr@VNC etc.) are ignored, whilst others (Remote Admin etc.) usually get flagged.

      It's a PITA, especially when more than one IT house has access to a site, and each loads/installs their version of remote control onto the PCs.

      Then you come along, tasked with installing antivirus protection, then the AV flags half of the installs as bad whilst ignoring the rest...
