Hackers are plotting to hijack your Mac in the Dark Web

Hackers are plotting to hijack your Mac in the Dark Web
An Apple employee points to the Touch Bar on a new Apple MacBook Pro laptop
Source: Stephen Lam/Getty Images
An Apple employee points to the Touch Bar on a new Apple MacBook Pro laptop
Source: Stephen Lam/Getty Images

There's a sketchy corner of the internet that can only be accessed through networks like Tor called the Dark Web. It is there that you can find new variants of sophisticated malware that promise to hack Apple computers.

Mac computers are typically safe from viruses, as most viruses are built to affect PCs. According to data from McAfee, there are 23 million malicious programs aimed at Windows users, as opposed to roughly 450,000 targeting Mac users.

But the two types of malware up for sale on the Dark Web specifically target Apple products, and they've been made available for free by their creators.

"Cybercriminals are eyeing Macs, they're definitely a juicy target," Patrick Wardle, a security researcher from antivirus software company Objective-See told Motherboard. "I think it's a natural progression that's not that surprising to see. But in some ways, yes, it's kind of a milestone."

The two malware were uncovered by security firms Fortinet and AlienVault, the BBC reported. Both are a security threat.

One, called MacRansom, is ransomware: It encrypts a user’s data and mandates payment in exchange for the release of files. This is similar to the recent WannaCry attack that hit more than 300,000 computers across 150 countries, asking affected users to pay $300 in Bitcoin for access to their files.

The other is spyware, called MacSpy, which monitors your activity to gather important information. It accomplishes this by saving keystrokes, recording audio and capturing screenshots every 30 seconds.

What can Mac users do? For one, you can stay on top of Mac operating system updates that patch any vulnerabilities.

"There are no perfect mitigations against ransomware," Fortinet wrote in a blog post. "However, the impact can be minimized by doing regular backups of important files and being cautious when opening files from unidentified sources or developers."