Technology
Stealthy backdoor Mac malware that can wipe out your files
MacOS is generally perceived to be more effective at keeping malware out compared to PCs and other operating systems. However, that’s not the reality; MacOS is just as vulnerable to malware threats as any other operating system, and this misconception can lead you to not be as vigilant regarding malware threats.
As evidence, there’s a new one you need to be aware of called SpectralBlur, which is a sophisticated backdoor malware threat targeting Macs that’s capable of wiping out your files without you even knowing how and when it got there in the first place.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER
Woman typing on a Mac (Kurt “CyberGuy” Knutsson)
What is SpectralBlur?
SpectralBlur is a backdoor malware that was created by Lazarus, a hacking group from North Korea. Lazarus has been behind several hacks, including KandyKorn, which targeted blockchain engineers in cryptocurrency.
For quite some time, SpectralBlur went undetected because antivirus software on Mac wasn’t able to pick up on it. It wasn’t until August 2023 that it was uploaded to VirusTotal — a virus detection software — published this new malware threat, and it gathered attention in the cybersecurity community. It’s even being called “The First Malware of 2024” and was dissected originally by Greg Lesnewich.
MacBook, iPad and iPhone (Kurt “CyberGuy” Knutsson)
MORE: HOW TO PROTECT YOUR MAC FROM THE NEW METASTEALER MALWARE
What is SpectralBlur capable of?
Because SpectralBlur is a backdoor malware, it means that instead of having to go through normal authentication procedures — where most malware would get detected — the malware gets into your system in several ways. It could be vulnerabilities in your system, a phishing attack, malicious links/downloads or other tactics.
Objective-See’s security researcher Patrick Wardle also analyzed SpectralBlur and came to similar conclusions as Lesnewich. Once it’s installed, the hacker can grant themselves remote access to your macOS. This gives the hacker the ability to access files and databases on your server. With this access, they can remotely tell it to do whatever they want, for however long they go unnoticed.
From uploading files from your computer into their server, downloading files from the hacker’s server to yours, or deleting files on your computer, they can steal your sensitive information, documents, images, etc., and use them for all sorts of purposes. They can also deploy additional malware (again, without you necessarily realizing it).
Woman on a Mac computer (Kurt “CyberGuy” Knutsson)
MORE: BEWARE OF THIS MAC MALWARE MASQUERADING AS AN OFFICE PRODUCTIVITY APP
How does SpectralBlur get onto my system and how does it work?
Once SpectralBlur gets initial access, it uses a pseudo-terminal to execute shell commands, which essentially means it can run any command on the macOS system as if the attacker were physically using the computer. It does this via a remote command-and-control (C&C) server, using RC4-encrypted socket communication.
Because this communication is encrypted, it makes it difficult for security systems to detect and analyze the malware’s network activity. This encryption helps it stay hidden by masking the data being sent and received as harmless to your system. Of course, that’s not the case; it’s potentially wreaking havoc without you knowing.
Why does North Korea want access to my computer?
Good question. This isn’t something we’ll cover in depth here, but essentially the idea is because North Korea has so many sanctions on it, hackers are motivated to execute their hacks by money and information. When they can steal funds in cryptocurrency, they can use that money to fund the regime.
MORE: TIPS TO FOLLOW FROM ONE INCREDIBLY COSTLY CONVERSATION WITH CYBERCROOKS
How did SpectralBlur go undetected for so long?
There are a few ways that SpectralBlur goes undetected, especially once it’s gotten access to your system:
To start, it utilizes Mac’s sleep and hibernate commands, which allow it to lay dormant within a system. This capability not only helps it avoid suspicions but also makes it difficult for users and antivirus programs to recognize it’s there. It’s also able to avoid detection by wiping your files and overwriting them with zeros. This method ensures that once it has accessed or created files, they can be completely erased without a trace. So, not only is it deleting your files, it’s getting away with it.
Last but not least, SpectralBlur can update its configuration as it goes. In layman’s terms, it’s quite agile and quick on its feet. By being able to adjust its tactics on the fly, SpectralBlur can stay hidden.
GET MORE OF MY SECURITY ALERTS, QUICK TIPS & EASY VIDEO TUTORIALS WITH THE FREE CYBERGUY NEWSLETTER – CLICK HERE
How can I catch it?
Because SpectralBlur is so sneaky and smart, you might be wondering how Mac users recognize that SpectralBlur is on their system. After all, it evaded virus detectors and cybersecurity experts for quite some time, so the average person shouldn’t be expected to figure it out.
Ultimately, there are a few ways to know if SpectralBlur — or other backdoor malware — may be on your computer:
Unusual system behavior: If you notice your system is acting slower than usual, apps crashing frequently, your system’s settings have changed without you doing it yourself, or just the feeling that something isn’t right, there could be malware on your computer.
Increased CPU or network usage: An unexplained increase in CPU or network usage can also be a red flag. SpectralBlur might be using resources for malicious activities, which means more work on your system than usual.
Suspicious files or applications: Those of you who regularly check your system might find unfamiliar files or applications. While SpectralBlur tries to clean up after itself, certain actions or additional malware installations might leave some traces (albeit not on purpose).
Identity theft: Unfortunately, some users might only realize they’ve been a victim of SpectralBlur or a similar malware attack when their data has been breached. Hopefully, though, it won’t get to this point.
How to protect your macOS from SpectralBlur malware
SpectralBlur is an advanced piece of malware, but there are ways you can protect yourself.
1) To begin with, be sure to update your operating system regularly. Check to see whether or not you’re running the latest version of macOS. If you aren’t, do an update.
2) Install a reliable antivirus software for an additional layer of protection. The absolute best way to protect yourself from having your data breached is to have antivirus protection installed on all your devices. Having good antivirus software actively running on your devices will alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
3) Always be cautious when opening email attachments or downloading files, especially from untrusted sources.
4) Use identity theft protection. Identity Theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. Read more of my review of the best identity theft protection services here.
5) Although having malware in your system is a cause for concern for bigger things like identity theft, one of the most upsetting results of a SpectralBlur infection for most users is the fact it can delete files on your macOS. No one wants to wake up one morning to find out that their docs, photos, notes, videos and whatever else you have saved to your computer are gone.
Despite the fact you can’t prevent this 100%, you can make sure to hold on to your files. Do this by initiating regular backups of important data. In the event of a malware infection, having up-to-date backups can save all of your important data.
Man on a Mac computer (Kurt “CyberGuy” Knutsson)
Kurt’s key takeaways
The whole reason that backdoor malware like SpectralBlur is so damaging is that it can exist on your system for a long time without getting noticed, deleting all your files and data in the process. Unfortunately, by the time it is detected, it may be too late. So, please do yourself a favor and protect your Mac as best as possible using the security tips we mention, like installing antivirus protection and backing up your information.
Have you — or has anyone you know — detected SpectralBlur or other backdoor malware on their macOS? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
After teasing the upcoming launch of its midrange Phone 4A last week, Nothing has now revealed what the rear of the device looks like. An official render of the Phone 4A shared on X shows off the brand’s familiar transparent-industrial stylings, alongside a new “Glyph Bar” lighting feature located to the right of the triple camera island.
This Glyph Bar features nine individually controllable mini-LEDs that appear as a line of seven square lights — six white, and one red — replacing the three LED light strips that surround the camera on Nothing’s 3A devices. Nothing says that the Glyph Bar is 40 percent brighter than the previous A-series’ lights and uses patented tech to provide “a more natural, neutral, bleed-free glow.”
Nothing hasn’t shared much else about the Phone 4A series besides confirming it’ll be running a Snapdragon chip. Full specifications, price, and availability might not be announced until it launches on March 5th. Nothing CEO Carl Pei has confirmed that there won’t be a Phone 4 this year, however, so last year’s Phone 3 will remain the current flagship for now.
NEWYou can now listen to Fox News articles!
Dating has changed a lot over the past decade. First, we moved from meeting people in person to swiping on apps. Now, some people are skipping human partners altogether and dating AI. That shift became very real at a recent pop-up event in Hell’s Kitchen in New York, where EvaAI, an AI companion app, hosted what it called a dating cafe. Guests arrived solo and brought their virtual partners with them.
Instead of someone sitting across the table, many had a phone or tablet propped up between the candles. They slipped on headphones, smiled at their screens and carried on full conversations with digital companions. It looked like a normal date night. It just happened to include artificial intelligence.
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
AI COMPANIONS ARE RESHAPING TEEN EMOTIONAL BONDS
A New York wine bar in Hell’s Kitchen transforms into EVA AI Cafe, what the company calls the world’s first AI dating cafe, complete with neon signage and candlelit tables. (EvaAI)
EvaAI takes AI relationships into the real world
EvaAI organized the event to give users a chance to take their AI companion out on a real date. The app allows people to create customizable AI partners for text and video chat. For one evening, those private conversations moved into a public setting. Guests set up their devices on stands and began chatting with their AI partners as drinks were poured and music played. Some described their companions as friends. Others framed the relationship as romantic, often involving roleplay or fantasy scenarios.
Company representatives said the goal was to reduce stigma around AI companion relationships. They emphasized that the app is not designed to replace human partners. Instead, they position it as support for people who feel lonely or who want a low-pressure way to build confidence. Still, seeing rows of candlelit tables with screens instead of people makes the shift feel tangible.
What is an AI companion relationship?
An AI companion relationship happens when someone forms an emotional or romantic bond with a chatbot designed to simulate personality and conversation.
On platforms like EvaAI, users can:
- Swipe through AI characters
- Customize appearance and personality
- Text or video chat anytime
- Create romantic or fantasy scenarios
You control the interaction. You decide when it starts and when it ends. You shape the personality to fit what you want. For many people, that control feels safe. There is no fear of rejection. No pressure to impress. No awkward silence unless you want one. If you have ever felt burned out by dating apps, you can probably understand the appeal.
Why are more people turning to AI for romance?
Modern dating can feel exhausting. You swipe, match and message. Then conversations disappear. AI cuts out a lot of the drama. There is no ghosting. No mixed signals. No waiting hours to reply, so you do not seem too eager. Instead, you get immediate engagement. For people who struggle with anxiety or who do not have many daily interactions, that can feel comforting. Some users say AI helps them practice conversation before dating real people. Others say it fills a social gap during lonely periods.
Younger generations are also growing up with AI integrated into daily life. Talking to a chatbot no longer feels unusual. Adding emotional connection may feel like the next step. Surveys show a noticeable percentage of adults have experimented with AI in a romantic or intimate way. Among teens, the numbers are even higher.
The benefits and the tradeoffs of AI relationships
AI companion relationships come with real upsides. For example, they can reduce loneliness and provide emotional reassurance. In many cases, they also help people rehearse difficult conversations before having them in real life. As a result, some users say they feel more confident and socially prepared.
However, there are clear tradeoffs. Unlike AI, real relationships require compromise, unpredictability and emotional growth. While a digital partner adapts to your preferences, a human partner may challenge you in unexpected ways. In contrast, AI typically responds the way you prefer and rarely pushes back unless designed to do so.
Moya’s humanlike appearance is intentional, from her warm skin to subtle facial details designed to feel familiar rather than mechanical. (DroidUp)
Over time, spending several hours a day in digital intimacy may shift expectations about real-world connections. At the New York event, some attendees admitted they feel more comfortable interacting with their AI companion at home rather than in crowded spaces. Because the app offers a high level of control, it can feel safer than face-to-face interaction. On one hand, that comfort can build confidence. On the other hand, it may reinforce isolation. Ultimately, the outcome depends on how intentionally the technology is used.
TEENS TURNING TO AI FOR LOVE AND COMFORT
Are AI companion relationships a passing trend or the future?
It is easy to dismiss an AI dating cafe as a quirky tech stunt. Then again, meeting someone through a dating app once felt strange, too. Technology keeps advancing. Video syncing looks smoother. Voices sound more natural. Conversations feel more responsive.
As AI becomes more lifelike, emotional attachment may deepen. EvaAI’s leadership has made clear that they do not view the app as a substitute for human relationships. They describe it as support during periods without a partner or as practice for real-world dating. Whether users maintain that boundary over time remains an open question.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com
Kurt’s key takeaways
If you had told someone ten years ago that people would bring a chatbot to a wine bar for date night, they probably would have laughed. Now it is happening, and not quietly. The AI dating cafe in New York highlighted something very human. People want connection. When dating feels exhausting, awkward or intimidating, they look for something that feels safer and easier to manage.
For some, AI companion relationships may serve as practice. For others, they may become a primary source of emotional support. The technology will keep improving. The bigger question is how we choose to use it. We once debated whether meeting someone online counted as “real.” AI may follow a similar path, or it may remain a niche comfort for a certain group of people.
Instead of someone sitting across the table, diners video chat with customizable AI partners, blending virtual romance with a real world setting. (iStock)
If an AI companion helps someone feel less lonely and more confident, does it really matter that the connection is digital, or is the lack of a human on the other side a line you would never cross? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report: Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
In addition to summoning Bixby or Gemini, Galaxy S26 users will be able to call on Perplexity by saying “hey, Plex.” The integration of Perplexity into Galaxy AI is just one element of the company’s embrace of a “multi-agent ecosystem.”
Often, people will use different AI agents for different tasks, depending on where their strengths lie. So Samsung is opening up the ability to integrate different agents into the OS. Hey, Plex isn’t just some transparent version of the app baked into a Galaxy phone to quickly get answers to questions. Perplexity will have access to Samsung Notes, Clock, Gallery, Reminder, and Calendar, as well as select third-party apps, though which ones specifically Samsung didn’t say.
Samsung seems to believe that people will increasingly use AI to interact with their phones. But, as we’ve learned, people can develop strong attachments to particular AIs. So the company is betting that giving people the freedom to put whatever agent they want at the heart of their phone will help differentiate them from competition like Apple and Google.
Of course, Samsung’s next Unpacked event is just around the corner. I’m sure we’ll hear more about Galaxy AI and Samsung’s vision for a multi-agent future on the 25th.
Family of Ohio teacher ‘clinging to faith’ after ex-‘American Idol’ contestant husband charged with her murder
Propane tank hurled into Arizona ICE facility in suspected arson attack, FBI investigating
NC college fires instructor who was running for office after rant on Charlie Kirk, Trump
High school senior facing more than 300 felony charges in alleged sextortion scheme targeting minors: reports
Mayor Sheffield announces Detroit’s first-ever neighborhood and community safety office
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Video: Why the Supreme Court Struck Down Trump’s Tariffs
Trump envoy rebukes Greenland leader for rejecting hospital ship proposal
Gulf countries back Kuwait’s sovereignty after Iraq draws new boundaries
Suspected gunman identified after being shot dead at Mar-a-Lago – US politics live
Video: Armed Man Is Shot and Killed at Mar-a-Lago, Authorities Say
-
Montana4 days ago2026 MHSA Montana Wrestling State Championship Brackets And Results – FloWrestling
-
Culture1 week agoVideo: How Much Do You Know About Romance Books?
-
Science1 week agoWhat a Speech Reveals About Trump’s Plans for Nuclear Weapons
-
Oklahoma6 days agoWildfires rage in Oklahoma as thousands urged to evacuate a small city
-
Technology2 days agoYouTube TV billing scam emails are hitting inboxes
-
Technology1 week agoThe DJI Romo robovac had security so poor, this man remotely accessed thousands of them
-
Science1 week agoNotoriously hazardous South L.A. oil wells finally plugged after decades of community pressure
-
Education1 week agoVideo: Secret New York City Passage Linked to Underground Railroad