Malicious HVNC tool gives attackers full access to Macs for $60,000

In a world increasingly reliant on technology, cybersecurity is more critical than ever. As technology evolves, so do the techniques employed by malicious actors seeking to exploit vulnerabilities.

Recently, cybersecurity firm Guardz made a disturbing discovery: Russian hackers are now offering a Hidden Virtual Network Computer (HVNC) tool on the dark web, designed specifically to provide attackers full access to Mac computers. This latest tool follows a similar version designed for Windows PCs and poses a serious risk to personal data and login credentials.

Privacy and security

Mac users beware – HVNC tool enables undetectable intrusion and data theft

The HVNC tool has been strategically marketed to cybercriminals who aim to gain unauthorized access to Macs used in small to medium businesses, where sensitive information and valuable data can be easily obtained. As an underground cybercrime tool, it comes at a steep price, with a lifetime license costing $60,000. With such an investment, attackers expect a powerful and reliable means of attack.

HVNC tool
via Guardz

What sets the HVNC apart from conventional VNC applications is its undetectable nature. VNC apps are often used by IT support teams to remotely assist users, but they require the user’s consent, and the actions of the support personnel are observable on the user’s screen. The HVNC, however, operates in a stealth mode that renders most Mac protection tools ineffective. Attackers can access the targeted Mac as if they were physically present in the room, all without the user’s knowledge or consent. The tool effectively creates a separate user session that remains entirely hidden from the victim, making detection nearly impossible.

Guardz’s Cyber Incident Response (CIR) team made this unsettling discovery on the notorious Russian cybercrime forum “Exploit.” The tool, which has been available since April 2023, specifically targets macOS devices owned by small and medium enterprises. The creators boast that the HVNC supports persistence, meaning it cannot be stopped or removed by merely restarting the Mac. To demonstrate the tool’s capabilities and instill confidence among potential buyers, the hackers have even deposited $100,000 in an escrow account as a form of assurance that the malware functions as promised.

15-inch MacBook Air

The HVNC’s sophistication is cause for concern. It has undergone extensive testing on various macOS versions from 10 up to 13.2, further increasing its potential reach and impact. As such, Mac users are urged to remain vigilant and follow essential cybersecurity practices to protect themselves from this evolving threat.

How can you protect your Mac from such attacks?

One crucial defense mechanism is ensuring that your Mac is always updated to the latest available macOS version. By keeping up with Apple’s security updates, users can better shield their devices from known vulnerabilities that the HVNC may exploit. It is worth noting that this malware only targets Macs up to and including macOS Ventura 13.2, while the current version stands at 13.5.

macOS Ventura 13.2

In addition to staying updated, adhering to standard cybersecurity hygiene measures is vital. Avoid downloading and installing apps from untrusted sources outside the official Mac App Store. Cybercriminals often exploit users’ trust in familiar contacts, so exercise caution when opening unexpected attachments or clicking on links in emails. Whenever possible, access websites using your bookmarks or by directly typing in the URL, rather than clicking on links from emails or other unverified sources.

As cyber threats continue to evolve, it is crucial for both individuals and businesses to prioritize cybersecurity. Understanding the tactics employed by hackers and staying informed about the latest security risks can empower users to take proactive steps in safeguarding their data and privacy.



About the Author

Asma is an editor at iThinkDifferent with a strong focus on social media, Apple news, streaming services, guides, mobile gaming, app reviews, and more. When not blogging, Asma loves to play with her cat, draw, and binge on Netflix shows.