macOS is being targeted by 'Cobalt Strike' that opens your machine up to hackers

Apple MacBook thats got a sad, sick emoji on it
(Image credit: Future/ iMore)

Cybersecurity company SentinelOne has reported today about a new Mac virus that when opened on your Mac will give hackers access to your machine. The virus, named 'Geacon', is a version of the Cobalt Strike virus, used against Windows users for some time.

Now, this new version of the virus can be implanted on Mac users' machines, letting hackers in with what is commonly known as a trojan horse – an innocuous-seeming file that ultimately allows hackers to access your machine.

What does it do?

Targeting macOS Mavericks and above, the virus is able to penetrate machines with either Intel or Apple silicon. It does require that you give it access to your camera, microphone, and administrator privileges, so it's vital that you're keeping an eye on everything that you install from the internet.

Once on your Mac, it sends out 'beacons' to bad actors that have downloaded the virus and sent it out to unsuspecting victims. Sentinel One says that these beacons have "a multitude of functions for tasks such as network communications, encryption, decryption, downloading further payloads and exfiltrating data."

In essence, the hacker can access your data, location, and stuff sent over your data connection.

Viruses like this are actually readily available for hackers to download on Github – this one is downloadable, from a creator called 'z3ratu1'. Thankfully it's easy enough to keep safe from viruses like these.

The first port of call is to simply be extra careful when you download software onto your best Mac. Ensure you know exactly where your apps and software are coming from, and only download from trusted sources.

Beyond that, make sure you have an anti-virus or security software installed to make sure that you're not open to attack. There's SentinelOne's software, as well as options like Avast, or more of the best antivirus software for Mac. Make sure you're staying safe online – Macs aren't as virus-proof as they were. 

Tammy Rogers
Buying Guides and Deals Writer

As the Buying Guides and Deals writer for iMore, Tammy puts over a decade of experience in finding the best prices of Apple products to work, helping you save money on the equipment that you want. An audiophile at heart, she loves all things audio and visual, but you’ll also find her drooling over the latest Macs and MacBooks. With a Masters in screenwriting, Tammy likes to spend her free time writing feature-length and TV screenplays or driving digital cars around virtual circuits, to varying degrees of success. Just don't ask her about AirPods Max - you probably won't like her answer.

  • gian posatiere
    As per usual a big fat nothing burger you literally have to give it admin access for it to do anything. You deserve it if you give it that permission.