There are several waysIdentifying the presence of malware on Mac (or a Windows PC). One of them is based on the following fact: malware is usually persistent. that meansEven if you shut down or restart the machine, they continue to work without your knowledge.. This behavior is not specific to malware, many software use it for example to save your settings.
THEM Background Task ManagerReleased with MacOS Ventura in October 2022, it is used to describe such programs. If one of them persists for too long, it displays a warning. If it’s software you installed yourself, you ignore it. Otherwise, this could potentially indicate the presence of malware. The problem is, Patrick Wardle, a cybersecurity researcher,it is very easy to prevent hackers from working.
Hackers Can Easily Bypass Mac Malware Reporting Tool
Patrick Wardle has already described Flaws in Apple’s tool. The alerted company fixed them, but did not go any further. The researcher found three more. Requires one of these full access rights to the machineduring the other two don’t need it, this is immediately more worrying. Taking advantage of a bug in the way the alert system communicates with the kernel, the heart of the Mac, hackers can prevent notifications from showing. Another error allows suspend processes on the machinehence the display of warnings.
The researcher did not contact Apple before disclosing these flaws. He explains that without this being followed up, he has already warned the Apple brand about the weaknesses of his tool. for him, as if there is no malware reporting tool on mac. Apple has yet to comment on the matter. Let’s not forget that malware on macOS is a reality. Even the notorious LockBit ransomware has started attacking Macs.
Source : wired