Apple updated Xprotect to fight against Proton & other malware

Lately Apple updated the security app Xprotect for macOS, after which the software is able to detect common malware including Xagent. Other malicious software like OSX.Proton.A, which was barely noticed, will also be prevented.

Israeli network intelligence company Sixgill was the first to found out that the malware sells at 40 bitcoins on deep web, before anything worse occurs they also detected the attack coming from deep web and the reveal of sensitive data.

Sixgill said the malware belongs to RAT (Remote Access Tool), without being detected by antivirus software it can fully access macOS devices, obtaining the target’s full control, keyboard input record, notification content, webcam/screen monitor, premium customer support, file uploading/downloading as well as using VPS to create SSH/VNC channels, etc.

The company also reported that the Proton threats are mainly towards macOS, “The publisher of Proton RAT somehow passed Apple’s strict procedures set for third-party app developers on macOS, and finally got verified. That means hackers may sell this malware through Apple’s official code signing with unlimited installation granted.

Developers of Proton targets enterprises, families, system administrators and parents as their consumers, for their psychological needs probably. But we can be sure that users will reject Proton for protecting their personal privacy.