Newly Discovered Mac Malware Captures and Stores Screenshots
New Mac spyware was discovered earlier this week on a computer at the Oslo Freedom Forum, an annual human rights conference. Located by computer security researcher Jacob Appelbaum, the malware, which has been deemed OSX/KitM.A, is currently being investigated by anti-virus company F-Secure, reports CNET.
The malware is a backdoor application called "macs.app," which launches automatically upon login and captures screenshots that it then sends to a MacApp folder in the user's home directory. Two command-and-control servers, located at securitytable.org and docsforum.info, are associated with the malware, but one does not function and the other gives a "public access forbidden" message.
Interestingly, the malware is signed with an Apple Developer ID, which is designed to prevent the installation of malware. Apps that are unsigned are blocked by default by Apple's Gatekeeper security option.
This bit of malware is somewhat unique in that it is signed with what appears to be a valid Apple Developer ID associated with the name Rajender Kumar. Though not an uncommon name, this may be a reference to the late Bollywood actor of a similar name. Regardless, the use of the ID appears to be an attempt to bypass Apple's Gatekeeper execution prevention technology.
Currently, F-Secure is investigating where the malware originated, and though it does not appear to be widespread, it can be mitigated by removing the macs.app program from the log-in menu. Apple often addresses malware threats quickly, and has the ability to revoke the developer ID to further limit the spread of the software.
Popular Stories
As reported by Bloomberg today, some of the new iPhone 17 Pro and iPhone Air models on display at Apple Stores today are already scratched and scuffed.
French blog Consomac also reported on this topic.
The scratches appear to be most prominent on models with darker finishes, including the iPhone 17 Pro and Pro Max in Deep Blue, and the iPhone Air in Space Black.
Images Credit: Consoma ...
Apple is preparing to release iOS 26.0.1, according to a private account on X with a proven track record of sharing information about future iOS versions.
The update will have a build number of 23A350, or similar, the account said.
It is likely that iOS 26.0.1 will fix a camera-related bug on the new iPhone Air and iPhone 17 Pro models. In his iPhone Air review, CNN Underscored's Henry T. ...
Apple's new iPhones launch today, and there are plenty of options to choose from when it comes to protecting your new device from drops and scratches. In this article, we're taking a look at some of the best options for iPhone 17, iPhone 17 Pro, and iPhone 17 Air cases, as well as a few charging accessories.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a...
While the iPhone Air is equipped with Apple's custom C1X modem for cellular connectivity, all of the iPhone 17 models are outfitted with Qualcomm modems still.
A teardown video shared on Chinese platform Bilibili today (via Reddit) appears to confirm the iPhone 17 Pro Max is equipped with Qualcomm's Snapdragon X80 modem in particular. The same modem is likely used in the iPhone 17 and iPhone ...
Wednesday September 17, 2025 2:56 pm PDT by
Juli CloverIt's been two days since iOS 26 was released, and Apple's new Liquid Glass design is even more divisive than expected.
Any major design change can create controversy as people get used to the new look, but the MacRumors forums, Reddit, Apple Support Communities, and social media sites seem to feature more criticism than praise as people discuss the update.
Complaints
There are a long...
YouTube channel REWA Technology today shared an iPhone 17 Pro teardown video, offering a closer look inside the model with a SIM card tray.
We are still waiting for repair website iFixit to share a more comprehensive teardown of the latest iPhone models, but this video provides a good look in the meantime.
The device features various internal design changes, including larger rear camera...
