Sign In

Communications of the ACM

ACM TechNews

Malware Caught Using macOS Zero-Day to Secretly Take Screenshots

View as: Print Mobile App Share:
A hacked image on a smartphone.

Mac users will want to update to the latest version of Mac OS as soon as possible, as the update patches a security flaw that allows hackers to secretly take screenshots of your computer screen.


Researchers from software company Jamf have reported that the XCSSET malware has been exploiting a newly discovered zero-day vulnerability that allows it to bypass macOS security defenses and take screenshots without the user's permission.

Previously discovered zero-days are used by the malware to steal cookies from the Safari browser to access victim's online accounts and to install a development version of Safari.

The malware was able to bypass macOS permissions by injecting malicious code into legitimate apps, like Zoom, WhatsApp, and Slack, then inheriting the permissions of the legitimate app across macOS.

The researchers said the malware also could be used to access microphones and webcams or capture users' keystrokes.

Apple has released macOS 11.4 to fix the bug.

From Tech Crunch
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account