Here is a list of new strains of malware going around in the Mac world:

This file-encrypting ransomware program is found on BitTorrent websites, masquerading as an Adobe Premiere CC or Office 2016 patcher. If you get infected, it encrypts your files permanently — even if you pay the “ransom.” You can read more about it here.

The biggest buzz in Mac malware this month involved a backdoor associated with a group known variously as Sofacy, APT28, and Fancy Bear. If a Mac has previously been infected by Sofacy’s malware known as Komplex, that malware may download and install XAgent as a secondary infection. Read more about it here.

A report was published describing Mac malware called MacDownloader or OSX.iKitten.A. The malware was targeted at the United States defense industry, and was distributed through a site that impersonated an aerospace firm. 

EmPyre Word Macro
A file recently circulated containing a Microsoft Word macro that carried the EmPyre malicious code, through which a Mac could become infected with additional malware. Read more about it here.

A new remote-access Trojan (RAT) called PROTON (OSX.Proton.A) was found on a Russian cybercrime message board. The RAT was reportedly available for other would-be criminals to purchase for their own targeted campaigns, and the offer even included adding an Apple-approved developer signature to the attacker’s custom RAT software in order to bypass Apple’s Gatekeeper protection on the victim’s Mac.


Thank you Intego for keeping us up to date.

Richard Goon
