Hackers Spy on Mac Users, Get Italian Bank Info and Swedish State Secrets

This week breaches range from the very personal to all of a country's vehicle owners. It's just another week in Nextgov's ThreatWatch, a regularly updated index of cyber incidents. 

Security Researcher Finds Mac Malware Spying on Home Computers

If you’ve heard the phrase “there aren’t viruses for Macs,” think again.

A researcher with security firm Synack said at least 400 Macs have been infected by a malware variant that allows attackers to access webcams and keyboards and capture screenshots, Ars Technica reported.

Synack’s Patrick Wardle was able to register a command and control server that the infected computers called back to. Wardle didn’t do anything illegal once the Macs contacted the server, but he could have spied through their webcams or logged keystrokes. The malware Wardle spotted was undetectable by most commercial antiviruses and by Apple’s own security system. It’s a variant of a separate malware that the firm Malwarebytes discovered in January and that had infected just a handful of computers. Synack presented about the malware at the Black Hat conference.

"A lot of Mac users are overconfident in the security of their Mac[s]. [The discovery] just goes to reiterate to everyday users that there are perhaps people out there trying to hack their computers," Wardle told Ars Technica.

400,000 Italian Bank Customers Exposed in Breaches

UniBank, Italy’s largest bank, said the data of more than 400,000 customers was accessed twice during the last ten months, Reuters reported.

Personal and banking details may have been accessed, but passwords were not, according to a bank statement. The bank’s IT group head Daniele Tonella told Reuters the information taken couldn’t be used to carry out financial transactions.

The incidents happened in September and October 2016, and again in June and July. UniBank blamed the data breaches on an unspecified “third-party provider,” Financial Times reported. The breaches, however, were discovered by its own IT director.

Swedish Agency Skirts Its Own Security Rules, Exposes Data of Millions

The Swedish prime minister acknowledged a massive leak that exposed personal details about millions of Swedes, including anyone with a registered vehicle and possibly some military secrets, according to reports.

The information leaked when the Swedish Transport Agency bungled outsourcing its IT services to IBM Sweden in 2015, Prime Minister Stefan Lofven said at a press conference Monday. The agency handles vehicle registration—so it houses photos, names, addresses and vehicle info—but also could have information about military and police vehicles and personnel, as well as “people with protected identities,” the Financial Times reported.

The agency, under time pressure, opted to skip its security rules and allowed secret information to be handled by IT staff in Eastern Europe who hadn’t gone through proper clearances, The Local (Sweden) reported. The agency’s former leader Maria Ågren was fired in January for undisclosed reasons but was also fined for mishandling secret information.

Though the leak happened in 2015, Lofven said he only found out about it earlier this year, while other officials found out 18 months ago.

The transportation agency has plans to make sure only security-cleared personnel will be able to access data by the fall, the BBC reported.

“What happened in the transport agency is a disaster. It is extremely serious. It has exposed both Sweden and Swedish citizens to risks,” Lofven said.