macOS is being targeted by 'Cobalt Strike' that opens your machine up to hackers

Apple MacBook thats got a sad, sick emoji on it
(Image credit: Future/ iMore)

Cybersecurity company SentinelOne has reported today about a new Mac virus that when opened on your Mac will give hackers access to your machine. The virus, named 'Geacon', is a version of the Cobalt Strike virus, used against Windows users for some time.

Now, this new version of the virus can be implanted on Mac users' machines, letting hackers in with what is commonly known as a trojan horse – an innocuous-seeming file that ultimately allows hackers to access your machine.

What does it do?

Targeting macOS Mavericks and above, the virus is able to penetrate machines with either Intel or Apple silicon. It does require that you give it access to your camera, microphone, and administrator privileges, so it's vital that you're keeping an eye on everything that you install from the internet.

Once on your Mac, it sends out 'beacons' to bad actors that have downloaded the virus and sent it out to unsuspecting victims. Sentinel One says that these beacons have "a multitude of functions for tasks such as network communications, encryption, decryption, downloading further payloads and exfiltrating data."

In essence, the hacker can access your data, location, and stuff sent over your data connection.

Viruses like this are actually readily available for hackers to download on Github – this one is downloadable, from a creator called 'z3ratu1'. Thankfully it's easy enough to keep safe from viruses like these.

The first port of call is to simply be extra careful when you download software onto your best Mac. Ensure you know exactly where your apps and software are coming from, and only download from trusted sources.

Beyond that, make sure you have an anti-virus or security software installed to make sure that you're not open to attack. There's SentinelOne's software, as well as options like Avast, or more of the best antivirus software for Mac. Make sure you're staying safe online – Macs aren't as virus-proof as they were. 

Tammy Rogers
Senior Staff Writer

As iMore's Senior Staff writer, Tammy uses her background in audio and Masters in screenwriting to pen engaging product reviews and informative buying guides. The resident audiophile (or audio weirdo), she's got an eye for detail and a love of top-quality sound. Apple is her bread and butter, with attention on HomeKit and Apple iPhone and Mac hardware. You won't find her far away from a keyboard even outside of working at iMore – in her spare time, she spends her free time writing feature-length and TV screenplays. Also known to enjoy driving digital cars around virtual circuits, to varying degrees of success. Just don't ask her about AirPods Max - you probably won't like her answer.

  • gian posatiere
    As per usual a big fat nothing burger you literally have to give it admin access for it to do anything. You deserve it if you give it that permission.