Skip to main content

Malware Group Focused On Windows Could Potentially Target Mac Machines

By May 25, 2017March 1st, 2023Cybersecurity

Unless you are intimately familiar with digital security, odds are good that you’ve never heard of Snake, Uroburos or Turla. These are three different aliases used by a single group of sophisticated Russian hackers that have been operating since at least 2007. Security professionals categorically agree that this group is far more organized, and more dangerous than better known groups like Fancy Bear and Cozy Bear, two organizations believed to have ties to Russia’s Military Intelligence Service (GRU).

Not only are Snake’s tools more advanced and robust. They tend to focus their attacks on much harder targets, such as military organizations, research and academic institutions, multinational corporations (especially those with government contracts), intelligence agencies, embassies and other well-guarded government institutions.

Traditionally, Snake’s attacks have focused on Windows, and the malware they have designed has been optimized for that platform. However, researchers from Kaspersky Lab found several Linux components in their toolkit, which suggests that the group is expanding their reach to other platforms as well.

Even more disturbing, the Dutch security firm Fox-IT has recently found a macOS variant of the toolkit that appears to be a direct port from the Windows version.

It should be noted that no mac-oriented malware based on this code has yet been found in the wild, which suggests that this toolkit represents a beta that’s still in testing.

Even if that theory is correct, however, it’s just a matter of time before the group completes its testing and begins making attacks to flex their newfound muscle.

That’s disturbing because high-level executives disproportionately use Macs, and a focused attack against Mac users will almost certainly be launched with them in mind as the primary targets. Even worse, Snake is best known for using Zero-Day exploits to carry out their attacks, which makes them extremely difficult to defend against. Stay vigilant. No one can say with certainty when or where the group will strike next.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.