CloudMensis is a virus for Mac that wants your personal data. The risks of attack are always present, but restricted to a few users.
Macs are not immune to computer viruses even if the number of threats on macOS remains much lower than on Windows.
Recently, ESET’s Cybersecurity Research Lab identified new malware that uses online storage services and a secret door to steal all the information from your Mac. If you have a Dropbox or pCloud account, be careful.
What is CloudMensis?
The malicious program, dubbed CloudMensis abuses system rules to allow the execution of arbitrary code and to grant itself normally inaccessible privileges. During a first phase, CloudMensis executes a first payload to download a second malware from a pCloud account. Secondly, it will recover personal information.
Your personal data at risk
The CloudMensis virus is capable of executing thirty-nine different commands without the consent of the Mac owner, remotely and discreetly. Among its capabilities is the ability to download files from your memory, including screenshots and even emails. A real risk for companies, for example. Fortunately, the attacks are targeted and therefore only concern a minority of Internet users.
The experts who discovered the malware do not give specific instructions to guard against it, which suggests that you will have to wait for an update from the developers to protect your Mac.
For the moment, Apple has not reacted directly, perhaps because the exact process used by hackers to achieve their ends is still difficult to understand.