• Guest Post   |
  • Submit App Review   |
  • Submit PR   |
  • Advertise   |
  • Contact Us
  • Login
No Result
View All Result
Advertisement
Mobile App Development | Design | Marketing Magazine: Appedus
Subscribe
  • Home
  • App Development
  • App Marketing
    • All
    • App Onboarding
    • App Store Optimisation
    • App User Engagement
    • Push Notifications
    How-to-Create-a-Mobile App-Marketing-Strategy-That-Works-appedus

    How to Create a Mobile App Marketing Strategy That Works

    How-to-Monetize-Your-Mobile-App-Strategies-for-Success-Appedus

    How to Monetize Your Mobile App: 5 Best Strategies for Success in 2023

    App-Analytics-and-Data-Driven-Insights-Appedus

    Marketing 101 : Top App Analytics and Data-Driven Strategies

    In-app-purchases-and-in-app-subscriptions-Appedus

    In-App Purchases and Subscriptions

    Trending Tags

      • App Store Optimisation
      • App User Engagement
      • App Push Notifications
      • App Onboarding
      • App Analytics
    • App Design
    • App Reviews
      • All
      • Books & Reference
      • Business
      • Dating
      • Education
      • Finance
      • Fitness
      • Food & Drink
      • Health
      • iOS apps
      • Lifestyle
      • Medical
      • Photography
      • Productivity
      • Shopping
      • Social
      • Travel
      • Utilities
      • Video Editing
      The-future-of-mobile-virtual-events-and-webinars-appedus

      The Future of Mobile Virtual Events and Webinars

      The-Rise-of-Mobile-Payment-and-Financial-Apps-Appedus

      The Rise of Mobile Payment and Financial Apps

      Adverse Effects Of UV Radiation

      6 Adverse Effects Of UV Radiation

      6-iOS-Productivity-Apps-I-Cant-Live-Without-appedus

      6 Best iOS Productivity Apps You Can’t Live Without

      7-Reasons-Why-Every-Business-Should-Be-Mobile-Friendly-appedus

      7 Reasons Why Every Business Should Be Mobile-Friendly

      The-top-ten-mobile-apps-all-travellers-should-use-appedus

      The top ten mobile apps all travelers should use

      5-Ways-To-Promote-Your-Mobile-App-In-A-Smarter-Way-scaled-appedus

      5 Ways To Promote Your Mobile App In A Smarter Way

      What-To-Do-If-Your-Cell-Phone-Is-Lost-or-Stolen-appedus

      What To Do If Your Cell Phone Is Lost or Stolen

      Free-Android-Meme-Maker-Appedus

      5 Best Free Android Meme Maker

      Trending Tags

      • Travel
      • fitness
      • Video Editing app
      • Utilities
      • Lifestyle
      • Medical
      • Photography
      • Productivity
      • Shopping
      • Social
      • Travel
    • App Events
    • Exclusive
    • Home
    • App Development
    • App Marketing
      • All
      • App Onboarding
      • App Store Optimisation
      • App User Engagement
      • Push Notifications
      How-to-Create-a-Mobile App-Marketing-Strategy-That-Works-appedus

      How to Create a Mobile App Marketing Strategy That Works

      How-to-Monetize-Your-Mobile-App-Strategies-for-Success-Appedus

      How to Monetize Your Mobile App: 5 Best Strategies for Success in 2023

      App-Analytics-and-Data-Driven-Insights-Appedus

      Marketing 101 : Top App Analytics and Data-Driven Strategies

      In-app-purchases-and-in-app-subscriptions-Appedus

      In-App Purchases and Subscriptions

      Trending Tags

        • App Store Optimisation
        • App User Engagement
        • App Push Notifications
        • App Onboarding
        • App Analytics
      • App Design
      • App Reviews
        • All
        • Books & Reference
        • Business
        • Dating
        • Education
        • Finance
        • Fitness
        • Food & Drink
        • Health
        • iOS apps
        • Lifestyle
        • Medical
        • Photography
        • Productivity
        • Shopping
        • Social
        • Travel
        • Utilities
        • Video Editing
        The-future-of-mobile-virtual-events-and-webinars-appedus

        The Future of Mobile Virtual Events and Webinars

        The-Rise-of-Mobile-Payment-and-Financial-Apps-Appedus

        The Rise of Mobile Payment and Financial Apps

        Adverse Effects Of UV Radiation

        6 Adverse Effects Of UV Radiation

        6-iOS-Productivity-Apps-I-Cant-Live-Without-appedus

        6 Best iOS Productivity Apps You Can’t Live Without

        7-Reasons-Why-Every-Business-Should-Be-Mobile-Friendly-appedus

        7 Reasons Why Every Business Should Be Mobile-Friendly

        The-top-ten-mobile-apps-all-travellers-should-use-appedus

        The top ten mobile apps all travelers should use

        5-Ways-To-Promote-Your-Mobile-App-In-A-Smarter-Way-scaled-appedus

        5 Ways To Promote Your Mobile App In A Smarter Way

        What-To-Do-If-Your-Cell-Phone-Is-Lost-or-Stolen-appedus

        What To Do If Your Cell Phone Is Lost or Stolen

        Free-Android-Meme-Maker-Appedus

        5 Best Free Android Meme Maker

        Trending Tags

        • Travel
        • fitness
        • Video Editing app
        • Utilities
        • Lifestyle
        • Medical
        • Photography
        • Productivity
        • Shopping
        • Social
        • Travel
      • App Events
      • Exclusive
      No Result
      View All Result
      Mobile App Development | Design | Marketing Magazine: Appedus
      No Result
      View All Result
      Home News-Curated

      A malware secretly takes screenshots using macOS zero-day

      by Rusy Shah
      May 25, 2021
      in News-Curated, Apple, Featured
      Reading Time: 2 mins read
      0
      Security vulnerabilities in macOS

      The malware secretly takes screenshots on your MacBook

      Share on FacebookShare on Twitter

      Table of Contents

      • Introduction:
      • About the malware history:
      • The contributing researchers:

      Introduction:

      About a month ago the researchers unveiled a notorious malware family. It continued to exploit a never-before-seen drawback in the macOS security defenses. The malware was running unimpeded. Some researchers say that a new malware can sneak onto macOS systems because of another drawback. Jamf says it found evidence that the XCSSET exploits a vulnerability that allows it to excess certain parts of macOS. These parts are the ones that require permission like accessing the microphone or screen recording. And malware accessed these things without user permission. 

      About the malware history:

      XCSSET was first found by Trend Micro in 2020 that targets Apple developers. It specifically targets their Xcode projects that use coding to build apps. It infects doors app development projects. This way the developers unknowingly send the malware to the users. Trend Micro researchers describe this as a “supply chain attack”. 

      The malware continues to develop while the recent variants target systems running the new M1 chip. As the malware bronze on the victim’s computer, it uses two zero-day days. First, it steals cookies from the Safari browser to access the user’s online accounts. This way the attackers can modify and sneak on virtually any website. 

      But Jamf says that the malware exploits a previously discovered third zero-day. On this day it starts taking screenshots of the victim’s screen. The Mac OS asks the user for permission before it allows any app to interact with the system. This includes recording the screen or using the microphone or webcam. The malware bypassed the permissions prompt by getting under the radar. It was injecting malicious code into the apps. 

      The contributing researchers:

      Jamf researchers Jarod Bradley, Ferdous Saljooki, and Stuart Ashenbrennwr explain in a blog post. The malware looks for the apps on the victim’s computer that require screen sharing permissions. These apps include Zoom, WhatsApp, and Slack. The malware injects malicious screen recording code into these apps. This allows the code to piggyback the legitimate app and inherit its permissions. Then the malware signs the new app bundle with a fresh certificate to avoid getting a flag from macOS’ in-built security. 

      The researchers caution that it is not limited to only screen recording. The bug could be used to access the victim’s microphone webcam or capture their keystrokes. This way the passwords for credit card details can be stolen.

      mm

      Rusy Shah

      Bonjour! I am the Assistant Editor at Appedus and I write about the mobile development ecosystem. I hold a post-graduation degree in Computer Science and Information Technology and have worked as a freelance content writer with various clients. I have a passion for words and took up writing seriously after my daughter's birth. A stay at home mom, I am also a tech writer. The coolest mom you will ever meet!!! You can reach me at hola@appedus.com

      Next Post
      Faculty Growth Funding Round

      UK based startup Faculty raised $42.5m in growth funding round

      Weekly Newsletter

      Top Apps This Week

      The-Top-Mobile-App-Trends-to-Watch-for-in-2023-appedus
      Featured

      The Top Mobile App Trends to Watch for in 2023

      by Editorial
      March 2, 2023

      In this article, we will explore the top mobile app...

      Read more
      The-future-of-mobile-virtual-events-and-webinars-appedus

      The Future of Mobile Virtual Events and Webinars

      February 22, 2023
      The-Rise-of-Mobile-Payment-and-Financial-Apps-Appedus

      The Rise of Mobile Payment and Financial Apps

      February 17, 2023
      Load More

      About Us

      Mobile App Development | Design | Marketing Magazine: Appedus

      Appedus is a mobile app ecosystem focused news publishing platform which covers various topics like app design, app development, app marketing and other relevant news, views or opinions. We also publish industry insights, e-books, developer interviews and e-magazines. You can get in touch with us on hola@appedus.com or you can snail mail us at

      Medianiti Ltd. Brooklands Business Park, Wellington Way, Weybridge KT13 0TT, United Kingdom

      Latest Articles & News

      Advantage-of-App Event API-in-2023-appedus

      Advantage of App Event API in 2023?

      May 22, 2023
      Tech-Industrys-Shakeup-Unveiled-Transformative-Tech-Industry-Layoffs-2023s-and-the-Rise-of-Resilience-appedus

      Tech Industry’s Shakeup Unveiled: Transformative Tech Industry Layoffs 2023’s and the Rise of Resilience

      May 17, 2023

      Important Links

      • Guest Post
      • Submit App Review
      • Submit PR
      • Mobile App Marketing
      • Mobile App Reviews | Top Android & iOS app reviews
      • Top Apps
      • Curated News
      • Advertise
      • Contact Us

      Subscribe

      • About Appedus
      • Advertise
      • App Events
      • Appedus
      • Contact Us
      • Exclusive at Appedus
      • Our Authors, Contributors & Writers
      • Privacy Policy
      • Submit App for Review
      • Submit Free Press Release
      • Thank You
      • Tip-Off
      • Write For Us | Mobile App Development Guest Post
      • Write For Us | Mobile App Development Guest Post Paid

      © 2022 Appedus - Appedus All Right Reserved

      No Result
      View All Result
      • About Appedus
      • Advertise
      • App Events
      • Appedus
      • Contact Us
      • Exclusive at Appedus
      • Our Authors, Contributors & Writers
      • Privacy Policy
      • Submit App for Review
      • Submit Free Press Release
      • Thank You
      • Tip-Off
      • Write For Us | Mobile App Development Guest Post
      • Write For Us | Mobile App Development Guest Post Paid

      © 2022 Appedus - Appedus All Right Reserved

      Welcome Back!

      OR

      Login to your account below

      Forgotten Password?

      Retrieve your password

      Please enter your username or email address to reset your password.

      Log In
      This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
      Go to mobile version