Have You Been Hacked? (from MacWorld, July 2023).
Most Mac users feel that their computers are generally free from the malware and viruses that seem to attack users in the PC world, but they are not totally safe. Attackers can get in to steal your data or destroy files. With the protections offered by Gatekeeper, the Secure Enclave features of the M1- and M2-series of chips and the T1 or T2 chip, and Apple’s built-in antivirus XProtect, hackers may consider targeting Macs too much effort. Apple has generally been quick to respond to reported vulnerabilities, but not always.
With the update to Ventura, security releases do not require access to the operating system, so more users are protected if they delay OS updates. This means the security part of any macOS update can be automatically installed on your Mac without you having to do anything—although we recommend you check the following to ensure it is set up on your Mac:
- Open System Settings.
- Choose General.
- Click on the letter i beside Automatic Updates.
Now your Mac will install the security update on its own without any effort on your part.
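The same setting can be checked from Terminal. The script below is an added example, not part of the MacWorld article: it reads the software-update preferences that `defaults` prints and reports which automatic-update switches are on, off, or never set. The key names are the ones macOS stores in /Library/Preferences/com.apple.SoftwareUpdate (ConfigDataInstall and CriticalUpdateInstall are the pair behind "Install Security Responses and system files"); the sample text used when `defaults` is not available is constructed.

```shell
#!/bin/bash
# Added example (not from the article): audit macOS automatic-update settings.

# Preference keys behind the Automatic Updates switches.
KEYS="AutomaticCheckEnabled AutomaticDownload ConfigDataInstall CriticalUpdateInstall"

# Constructed sample of `defaults read` output, used off-Mac for demonstration.
SAMPLE='{
    AutomaticCheckEnabled = 1;
    AutomaticDownload = 1;
    ConfigDataInstall = 0;
    LastSuccessfulDate = "2023-07-01 10:00:00 +0000";
}'

# Reads `defaults read`-style text on stdin and prints "key: on|OFF|not set"
# for each key. Returns 1 if any key is explicitly off or has an odd value.
audit_update_prefs() {
    aup_prefs=$(cat)
    aup_rc=0
    for aup_key in $KEYS; do
        # Pull the value between "key = " and the trailing semicolon.
        aup_val=$(printf '%s\n' "$aup_prefs" |
            sed -n "s/^[[:space:]]*$aup_key = \([^;]*\);.*/\1/p" | head -n 1)
        case "$aup_val" in
            1)  echo "$aup_key: on" ;;
            0)  echo "$aup_key: OFF"; aup_rc=1 ;;
            "") echo "$aup_key: not set" ;;   # macOS default applies
            *)  echo "$aup_key: unexpected value $aup_val"; aup_rc=1 ;;
        esac
    done
    return $aup_rc
}

if command -v defaults >/dev/null 2>&1; then
    # On a Mac: audit the real preference file.
    defaults read /Library/Preferences/com.apple.SoftwareUpdate 2>/dev/null |
        audit_update_prefs ||
        echo "Review Automatic Updates in System Settings > General."
else
    # Elsewhere: run against the constructed sample so the logic is visible.
    printf '%s\n' "$SAMPLE" | audit_update_prefs || true
fi
```

A key reported as "not set" has never been changed on that Mac, so the macOS default for that switch applies.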
Here is some background on problems that might occur.
“Cryptojacking: This is where someone uses your Mac’s processor and RAM to mine cryptocurrency. If your Mac has slowed right down, this could be the culprit.
Spyware: Here hackers attempt to gather sensitive data about you, such as your log-in details. They might use key loggers to record what you type and eventually gain the information they need to log in to your accounts. In one example, the OSX/OpinionSpy spyware was stealing data from infected Macs and selling it on the dark web.
Ransomware: Some criminals use ransomware (fave.co/3oECez6) to try to extort money from you. In cases like that of KeRanger, hackers could encrypt files on Macs and then demand money to unencrypt them. Luckily, security researchers identified KeRanger before it started infecting Macs, so it was addressed before it became a serious threat. In April 2023, security researchers warned (fave.co/3MZA8Dc) that a collective known as LockBit was working on ransomware encryptors that work on Macs using both Apple M-series chips and Intel processors.
Botnet: In this case your computer becomes a remotely operated spam machine. In the case of the Trojan Horse botnet, OSX.FlashBack spread to over 600,000 Mac computers.
Proof of concept: Sometimes the threat isn’t actually seen in the wild, but is a proof of concept based on a loophole or vulnerability in Apple’s code. While this is less of an immediate threat, the concern is that if Apple isn’t quick enough to close the vulnerability, criminals could utilize it. In one example of such an instance, Google’s Project Zero team designed a proof of concept known as Buggy Cow, which was able to gain access to parts of macOS thanks to a bug in macOS’ memory manager.
Port exploits: It’s not always the case that the hack is made possible by some sort of malware that has downloaded onto the Mac. In some cases Macs have been hacked after something is plugged into a port. It is possible that Macs could be hacked via the USB and by the Thunderbolt port—which is a good reason to always be careful about what you plug into your Mac or about leaving your Mac unattended. For example, in the checkm8 exploit (fave.co/3qjOtRQ), it could have been possible for hackers to gain access to the T2 chip by plugging in a modified USB-C cable. Similarly, in the case of Thunderspy (fave.co/3qmRaSE), a serious vulnerability with the Thunderbolt port could have granted a hacker access to a Mac.”
Your Mac camera is relatively safe as it shows a green light when on and you must give permission for it to be used by an app.
Have you been hacked? Is your Mac running slowly, is your web connection not operating as usual, or are you seeing sketchy ads? Are you seeing something unusual in your online banking?
How to check:
- Go to haveibeenpwned.com to see if you were part of a data breach.
- Look at your Activity Monitor for unusual activity.
- Look at your System Settings > Sharing. Is anyone unusual connected?
- Perform a sweep of your system with software. (co/3Gaf9tt)
More suggestions to protect yourself:
- Only download from the Mac App Store or official sites of manufacturers.
- Avoid clicking on emails from someone you do not know.
- Don’t use cables or memory sticks you are not sure of.
- Don’t plug into cables at airports. Plug in your own charger for power (mainly applies to iOS devices).
- Consider using a VPN service or surfing the web in private or incognito mode.
- Do not respond to a ransomware email or phishing email; responding will confirm that you exist.
- Download OS updates as they arrive.
- Consider security software such as Malwarebytes, McAfee, or Norton 360.
- Use a password manager such as 1Password or LastPass.