Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The latest malware to hit Mac operating systems is the EasyDoc Converter. Cyber security experts have discovered this dangerous Mac malware on reputed online websites offering applications and software for the Mac OS. If Mac users still believe that their systems cannot get infected then they better get wary now.
The EasyDoc Converter poses to have the ability to convert files; however, the malicious EasyDoc Converter does not do any conversion or any other genuine function. It is a script that contains an embedded backdoor malware, which has been designated as Backdoor.MAC.Eleanor. This Mac malware allows attackers to gain complete access of the operating system, the webcam, shell execution and the file explorer.
The cyber criminals have employed the tool Platypus to create the malicious app. When the malicious app runs it displays a screen typical to a drag-and-drop file converter, but it lacks any functionality. The malware installs a number of malicious components in the startup of the computer – a Tor Hidden Service, Web Service (PHP), and a PasteBin Agent.
The Tor Hidden Service: This Hidden Service component enables access to the Web Service (PHP). The Tor creates a new public/private key pair and a “hostname” file. This hostname utilizes the Web Service(PHP) component to completely control the system. Two local services are accessed by the hidden service – a SSH service and a web service.
Web Service(PHP): The infected startup configuration allows the cyber criminal to gain control of the machine. It listens to a specific port and this service has 3 main components – a main control panel, WebCam Control Panel, and an Agent.
The main control panel is password protected and allows the cyber criminal to perform certain critical unauthorized activities – execute commands, execute scripts, send mails with attachments, access Task Manager, access the process list, convert strings, and connect to DBMS systems.
The Mac Malware gains control of the webcams connected to or those that are part of the system. This allows it to capture videos and images and also views images in the gallery app of the system.
The Agent component helps the cyber criminal to execute shell scripts and acquire files including videos and images on the computer.
The cyber criminals control each infected machine by using a unique Tor address for each system. And then using the PasteBin Agent, the unique addresses are stored at the pastebin.com website. This is a website that allows storing of text for online sharing of data. Furthermore, these TOR addresses are not easily visible as they are encrypted.
How to protect against Mac Malware?
Following the above listed precautions will help fend off many new and advanced malwares.
Tags: Mac Malware,antivirus
Reading Time: 2 minutes Many people don’t take Potentially Unwanted Applications (PUA) as a serious danger. The reason for such a reckless attitude is that PUA are usually installed with the consent of the user. But this opinion is a big mistake. And not only because a PUA can covertly install other programs like adware or spyware on a…
Reading Time: 1 minute Do you use Facebook Messenger? Do you use Chrome on your desktop? Do you also use Bitcoin and have a wallet? Would you install something that says that it’s a codec in order to watch a video? Then I hope you didn’t get hit by FacexWorm.
Reading Time: 2 minutes Why should fathers day be about you alone? It could well be about your children, right? After all, they are your flesh and blood and the reason you are working hard. So let’s be different this Father’s day and turn things around by giving a gift to your children instead you expecting a gift from…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats