Kaspersky Lab has discovered a new Trojan that can infect Macs. It is called GravityRAT and has previously been spread on Windows.
Because of how capable it is – and that it has been used in attacks on, among other things, the military – Kaspersky Lab calls GravityRAT “infamous”.
The Trojan can, among other things, upload Office files, take automatic screenshots and record keyboard logs.
GravityRAT uses stolen developer certificates to bypass Gatekeeper and trick users into installing legitimate software. The Trojan is hidden in copies of various legitimate programs developed with .net, Python and Electron.
A control server that sends new commands and receives exfiltered files and data from the infected computer is shared with two other malware, Enigma and Titanium,
writes Bleeping Computer.
Here’s a complete
list of all the viruses and malware on the Mac. You may also be interested in
How to remove a virus from a Mac. We also recommend you read our
best Mac security tips and our
round up of the best Mac antivirus apps.
This article originally appeared on
Macworld Sweden. Translation by Karen Haslam.