Initially aimed at Windows PCs, the notorious GravityRAT spyware now also makes attacks against Macs and Android devices.
Remote Access Trojans (RATs) are so-called because they masquerade as legitimate apps (the Trojan part) and then allow remote access to the compromised machine …
The Bleeping Computer reports on spyware capabilities.
Macs are relatively well protected against trojans because Apple vets apps allowed into the Mac App Store, and by default won’t allow software from other sources to be enabled. If the default protection is overridden by a user, macOS also tests to see if the app is signed by a legitimate developer.
However, BleepingComputer reports that to make the apps appear legitimate, the group behind GravityRAT uses stolen developer signatures.
The infected apps can not be mentioned, as GravityRAT mimics a variety of legitimate apps. The best defense is to ensure that you install apps only from the Mac App Store or from developers you trust directly. Similarly, unless you know their provenance, do not plug cables or devices into your Mac.