Russian Hackers Target Mac Users With ‘Komplex’, a MacOS Malware Downloader

Researchers from Bitdefender have identified what is believed to be a source of attacks on macOS devices. Komplex is a macOS malware described as a downloader, and researchers believe that it is the first macOS version of the Trojan. It affects Mac users running the MacKeeper antivirus kit.


Previous History

The group known as Fancy Bear, Pawn Storm, and APT28 is believed to have carried out cyber espionage and attacks since the last decade.

The operating systems on which their malware is known to have exploited targets were Windows, Linux and iOS. Now, researchers point to a macOS malware that attacks Macs.

Lately, researchers believe that it is not a group but a single person who is responsible for all the hacking and for the development of the Trojan program known as X-Agent. This is the same group or person who is blamed for hacking into the US Democratic National Committee last year.

Researchers have now traced X-Agent’s operating mechanism on macOS. This leaves Mac devices highly vulnerable to exploitation if they come across the macOS malware known as Komplex.

What are Potential Targets of ‘Komplex’ Malware?
The prime focus of the malware seems to be probing the hardware and software configuration of the affected user’s system; it grabs a list of running processes and executes additional files. It is also believed to take screenshots on affected users’ machines and to harvest browser passwords.

One module of the ‘Komplex’ malware is designed to target iOS backups, stealing iPhone backups stored on Macs.

How Does This Happen?
According to researchers from Palo Alto Networks, Komplex is believed to infect Macs by exploiting a vulnerability in the MacKeeper antivirus software. The exploit allows the attacker to remotely craft web pages or even execute remote commands on a Mac when a user visits them.

At this point, it is unclear what the hacker group or the person known as X-Agent will gain from this exploit.