Eleanor malware is a new Apple Mac malware risk and it lets hackers take over your computer.
The Eleanor malware (Backdoor.MAC.Eleanor) runs a malicious script on the Mac computer. It then installs and registers three components at start-up including (1) a Tor Hidden Service, (2) a PasteBin client and (3) a PHP Web Service.
The malware was available on MacUpdate from a free app called EasyDoc Converter. The app is suppose to convert file formats from Apple to Microsoft Word. Instead of converting, it installs a backdoor when run and opens the door for cyber criminals.
There is some good news in regards to Eleanor malware. The app was never signed with a certificate from Apple but there are lessons to be taken away from this threat.
- If an application does not have a code signature, the Mac OS X will not open it by default.
- Not every unsigned app is malicious but it is a measure of protection.
- If an app is found to be malicious, Apple can revoke the certificate used to sign the app.
- Be careful of running old apps as they may have not been updated from malicious threats.
- Be cautious from where you download apps.
How do you protect yourself from Eleanor malware?
In order to protect yourself from cyber criminals, avoid installing EasyDoc app. Next, ensure that your systems Gatekeeper is enabled via System Preferences > Security & Privacy. Finally you can install Anti-Malware for Macs to protect which will scan and remove code that degrades performance or attacks your system.
365 iT SOLUTIONS is delivers IT consulting in Toronto with a wide variety of services including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services. Let our Complimentary Network Assessment put your entire IT infrastructure and security to the test.
