The cybersecurity company Guardz recently discovered HVNC malware on the dark web, which can launch remote attacks against macOS systems to steal personal information and password credentials.
HVNC is the abbreviation of Hidden Virtual Network Computing, which is a method to solve remote login (such as browser, operating system/plug-in version, locale, time zone, etc. to fingerprint the user’s system).
HVNC technology is mainly used in technical support services, but before starting the service, the user’s permission is required.
The HVNC malware exposed this time does not require the user’s permission and can launch attacks without the user’s knowledge.
The malware is sold on the dark web for $60,000 (currently about 431,000 RMB), including a reverse shell and a remote file manager. Current test results show that Mac devices with macOS 10 to 13.2 are affected, so users are recommended to upgrade to the latest 13.4.1 version as soon as possible.