Apple releases urgent update after spying malware uncovered

The Trident Mac hack could turn desktops into spying devices

Apple has issued an urgent security update to Mac desktop and laptops running on OS X El Capitan and Yosemite following the discovery of a vulnerability that could transform devices into spying tools.

The hack has been described as the "most sophisticated spyware" ever seen and is accessed by the user clicking on a malicious link in the Safari web browser. This link triggers spyware called "Pegasus" to start running, which can then use a flaw in the machine's OS X software to run two other exploits. These allow access to the computer's kernel, which means the criminal can view everything, from bank details, their current location and more.

Advertisement - Article continues below

Apple's security notes page recommends all users of Macs running on El Capitan or Yosemite install the update, Security Update 2016-001 for El Capitan and Security Update 2016-005 for Yosemite as soon as they can.

The Safari browser has also been patched to stop criminals using that as a gateway too. The flaw was discovered by Lookout and Citizen Lab.

The hack the same as one that was discovered on iPhones last week, allowing criminals to take control of the devices and watch the user, monitoring the apps they use and information they enter into their smartphone. Apple quickly released an update to stop hackers using the Trident vulnerability. Like this potential hack on desktops, Trident could use apps such as Gmail, Facebook and WhatsApp to spy on whatever the user is doing.

Advertisement
Advertisement - Article continues below

So far, the hack has only been seen targeting one person, Emirati civil rights activist Ahmend Mansoor. However, it could conceivably be in use in the wild spying on other individuals who don't realise they have been attacked.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/mobile/mobile-security/355889/parachute-introduces-superlock-feature
mobile security

Parachute's Superlock feature keeps your phone recording in an emergency

2 Jun 2020
Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020

Most Popular

Visit/security/ransomware/355891/nasa-it-contractor-ransomware-hack
ransomware

Ransomware collective claims to have hacked NASA IT contractor

3 Jun 2020
Visit/security/exploits/355866/critical-vmware-cloud-director-exploit-lets-hackers-seize-corporate
exploits

VMware Cloud Director exploit lets hackers seize corporate servers

2 Jun 2020
Visit/data-insights/data-science/355678/how-data-science-is-transforming-business
Sponsored

How data science is transforming business

29 May 2020