Stealthy backdoor Mac malware that can wipe out your files


macOS is generally perceived to be better at keeping malware out than PCs and other operating systems. That perception doesn't match reality: macOS is just as vulnerable to malware as any other operating system, and the misconception can lead you to be less vigilant about malware threats.

As evidence, there’s a new one you need to be aware of called SpectralBlur, which is a sophisticated backdoor malware threat targeting Macs that’s capable of wiping out your files without you even knowing how and when it got there in the first place.


What is SpectralBlur?

SpectralBlur is a backdoor malware that was created by Lazarus, a hacking group from North Korea. Lazarus has been behind several hacks, including KandyKorn, which targeted blockchain engineers in cryptocurrency.


For quite some time, SpectralBlur went undetected because antivirus software on the Mac wasn't able to pick up on it. It wasn't until August 2023 that a sample was uploaded to VirusTotal, a malware-scanning service, and the new threat gathered attention in the cybersecurity community. It's even being called "The First Malware of 2024" and was originally dissected by Greg Lesnewich.


What is SpectralBlur capable of?

Because SpectralBlur is a backdoor, it doesn't have to go through the normal authentication procedures where most malware would get detected; instead, it can get into your system in several ways. That could be a vulnerability in your system, a phishing attack, malicious links or downloads, or other tactics.

Objective-See security researcher Patrick Wardle also analyzed SpectralBlur and came to conclusions similar to Lesnewich's. Once it's installed, the hacker can grant themselves remote access to your macOS system, which gives them the ability to access files and databases on it. With that access, they can remotely tell the malware to do whatever they want, for as long as they go unnoticed.

Whether by uploading files from your computer to their server, downloading files from the hacker's server to yours, or deleting files on your computer, they can steal your sensitive information, documents, images, etc., and use them for all sorts of purposes. They can also deploy additional malware (again, without you necessarily realizing it).


How does SpectralBlur get onto my system and how does it work?

Once SpectralBlur gets initial access, it uses a pseudo-terminal to execute shell commands, which essentially means it can run any command on the macOS system as if the attacker were physically using the computer. It does this via a remote command-and-control (C&C) server, using RC4-encrypted socket communication.

Because this communication is encrypted, it is difficult for security systems to detect and analyze the malware's network activity. The encryption helps it stay hidden by making the data being sent and received look like harmless traffic. Of course, that's not the case; it's potentially wreaking havoc without you knowing.

Why does North Korea want access to my computer?

Good question. This isn't something we'll cover in depth here, but essentially, because North Korea is under so many sanctions, its hackers are motivated by money and information. When they can steal funds in cryptocurrency, that money can be used to fund the regime.


How did SpectralBlur go undetected for so long?

There are a few ways that SpectralBlur goes undetected, especially once it’s gotten access to your system:

To start, it utilizes the Mac's sleep and hibernate commands, which allow it to lie dormant within a system. This capability not only helps it avoid suspicion but also makes it difficult for users and antivirus programs to recognize that it's there. It's also able to avoid detection by wiping files and overwriting them with zeros. This method ensures that once it has accessed or created files, they can be completely erased without a trace. So, not only is it deleting your files, it's getting away with it.

Last but not least, SpectralBlur can update its configuration as it goes. In layman’s terms, it’s quite agile and quick on its feet. By being able to adjust its tactics on the fly, SpectralBlur can stay hidden.


How can I catch it?

Because SpectralBlur is so sneaky and smart, you might be wondering how Mac users can recognize that SpectralBlur is on their system. After all, it evaded virus detectors and cybersecurity experts for quite some time, so the average person shouldn't be expected to figure it out alone.


Ultimately, there are a few ways to know if SpectralBlur — or other backdoor malware — may be on your computer:

Unusual system behavior: If you notice your system is acting slower than usual, apps crashing frequently, your system’s settings have changed without you doing it yourself, or just the feeling that something isn’t right, there could be malware on your computer.

Increased CPU or network usage: An unexplained increase in CPU or network usage can also be a red flag. SpectralBlur might be using resources for malicious activities, which means more work on your system than usual.

Suspicious files or applications: Those of you who regularly check your system might find unfamiliar files or applications. While SpectralBlur tries to clean up after itself, certain actions or additional malware installations might leave some traces (albeit not on purpose).

Identity theft: Unfortunately, some users might only realize they’ve been a victim of SpectralBlur or a similar malware attack when their data has been breached. Hopefully, though, it won’t get to this point.


How to protect your macOS from SpectralBlur malware

SpectralBlur is an advanced piece of malware, but there are ways you can protect yourself.

1) To begin with, be sure to update your operating system regularly. Check to see whether or not you’re running the latest version of macOS. If you aren’t, do an update.

2) Install reliable antivirus software for an additional layer of protection. The absolute best way to protect yourself from having your data breached is to have antivirus protection installed on all your devices. Having good antivirus software actively running on your devices will alert you to any malware on your system, warn you against clicking on malicious links in phishing emails, and ultimately protect you from being hacked. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

3) Always be cautious when opening email attachments or downloading files, especially from untrusted sources.

4) Use identity theft protection. Identity Theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. Read more of my review of the best identity theft protection services here.


5) Although having malware in your system is a cause for concern for bigger things like identity theft, one of the most upsetting results of a SpectralBlur infection for most users is the fact it can delete files on your macOS. No one wants to wake up one morning to find out that their docs, photos, notes, videos and whatever else you have saved to your computer are gone.

Even though you can't prevent this 100%, you can make sure you hold on to your files by making regular backups of important data. In the event of a malware infection, up-to-date backups can save all of your important data.


Kurt’s key takeaways

The whole reason that backdoor malware like SpectralBlur is so damaging is that it can exist on your system for a long time without getting noticed, deleting all your files and data in the process. Unfortunately, by the time it is detected, it may be too late. So, please do yourself a favor and protect your Mac as best as possible using the security tips we mention, like installing antivirus protection and backing up your information.

Have you — or has anyone you know — detected SpectralBlur or other backdoor malware on their macOS? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.


Copyright 2024 CyberGuy.com. All rights reserved.


Here’s your first look at Amazon’s Like a Dragon: Yakuza


Amazon says that the show "showcases modern Japan and the dramatic stories of these intense characters, such as the legendary Kazuma Kiryu, that games in the past have not been able to explore." Kiryu will be played by Ryoma Takeuchi, while Kento Kaku also stars as Akira Nishikiyama. The series is directed by Masaharu Take.

Like a Dragon: Yakuza starts streaming on Prime Video on October 24th with its first three episodes.


Exciting AI tools and games you can try for free


I’m not an artist. My brain just does not work that way. I tried to learn Photoshop but gave up. Now, I create fun images using AI.


Some AI tech is kind of freaky (like this brain-powered robot), but many of the new AI tools out there are just plain fun. Let’s jump into the wide world of freebies that will help you make something cool.


Create custom music tracks


Not everyone is musically inclined, but AI makes it pretty easy to pretend you are. At the very least, you can make a funny tune for a loved one who needs some cheering up.

AI to try: Udio

Perfect for: Experimenting with song styles

Starter prompt: “Heartbreak at the movie theater, ‘80s ballad”


Just give Udio a topic for a song and a genre, and it’ll do the rest. I asked it to write a yacht rock song about a guy who loves sunsets, and it came up with two one-minute clips that were surprisingly good. You can customize the lyrics, too.

Produce quick video clips

The built-in software on our phones does a decent job at editing down the videos we shoot (like you and the family at the beach), but have you ever wished you could make something a little snazzier?

AI to try: Invideo

Perfect for: Quick content creation


Starter prompt: “Cats on a train”

Head to Invideo to produce your very own videos, no experience needed. Your text prompts can be simple, but you’ll get better results if you include more detail.

You can add an AI narration over the top (David Attenborough’s AI voice is just too good). FYI, the free account puts a watermark on your videos, but if you’re just doing it for fun, no biggie.

Draft digital artwork


You don’t need to be an AI whiz skilled at a paid program like Midjourney to make digital art. Here’s an option anyone can try.


AI to try: OpenArt

Perfect for: Illustrations and animations

Starter prompt: “A lush meadow with blue skies”

OpenArt starts you off with a simple text prompt, but you can tweak it in all kinds of funky ways, from the image style to the output size. You can also upload images of your own for the AI to take its cues from and even include pictures of yourself (or friends and family) in the art. 


If you’ve caught the AI creative bug and want more of the same, try the OpenArt Sketch to Image generator. It turns your original drawings into full pieces of digital art.


More free AI fun

Maybe creating videos and works of art isn’t your thing. There’s still lots of fun to be had with AI.

  • Good time for kids and adults: Google’s Quick, Draw! Try to get the AI to recognize your scribblings before time runs out in this next-gen Pictionary-style game.
  • Expose your kid to different languages: Another option from Google, Thing Translator, lets you snap a photo of something to hear the word for it in a different language. Neat!
  • Warm up your vocal cords: Freddimeter uses AI to rate how well you can sing like Freddie Mercury. Options include “Don’t Stop Me Now,” “We Are the Champions,” “Bohemian Rhapsody” and “Somebody To Love.”

Award-winning host Kim Komando is your secret weapon for navigating tech.

Copyright 2024, WestStar Multimedia Entertainment. All rights reserved. 


There is no fix for Intel’s crashing 13th and 14th Gen CPUs — any damage is permanent


On Monday, it initially seemed like the beginning of the end for Intel’s desktop CPU instability woes — the company confirmed a patch is coming in mid-August that should address the “root cause” of exposure to elevated voltage. But if your 13th or 14th Gen Intel Core processor is already crashing, that patch apparently won’t fix it.

Citing unnamed sources, Tom’s Hardware reports that any degradation of the processor is irreversible, and an Intel spokesperson did not deny that when we asked. Intel is “confident” the patch will keep it from happening in the first place. (As another preventative measure, you should update your BIOS ASAP.) But if your defective CPU has already been damaged, your best option is to replace it instead of tweaking BIOS settings to try to alleviate the problems.

And, Intel confirms, too-high voltages aren’t the only reason some of these chips are failing. Intel spokesperson Thomas Hannaford confirms it’s a primary cause, but the company is still investigating. Intel community manager Lex Hoyos also revealed some instability reports can be traced back to an oxidization manufacturing issue that was fixed at an unspecified date last year.

This raises lots of questions. Will Intel recall these chips? Extend their warranty? Replace them no questions asked? Pause sales like AMD just did with its Ryzen 9000? Identify faulty batches with the manufacturing defect?

We asked Intel these questions, and I’m not sure you’re going to like the answers.


Why are these still on sale without so much as an extended warranty?

Intel has not halted sales or clawed back any inventory. It will not do a recall, period. The company is not currently commenting on whether or how it might extend its warranty. It would not share estimates with The Verge of how many chips are likely to be irreversibly impacted, and it did not explain why it’s continuing to sell these chips ahead of any fix.

Intel’s not yet telling us how warranty replacements will work beyond trying customer support again if you’ve previously been rejected. It did not explain how it will contact customers with these chips to warn them about the issue.

But Intel does tell us it’s “confident” that you don’t need to worry about invisible degradation. If you’re not currently experiencing issues, the patch “will be an effective preventative solution for processors already in service.” (If you don’t know if you’re experiencing issues, Intel currently suggests the Robeytech test.)

And, perhaps for the first time, Intel has confirmed just how broad this issue could possibly be. The elevated voltages could potentially affect any 13th or 14th Gen desktop processor that consumes 65W or more power, not just the highest i9-series chips that initially seemed to be experiencing the issue.


Here are the questions we asked Intel and the answers we’ve received by email from Intel’s Hannaford:

How many chips does Intel estimate are likely to be irreversibly impacted by these issues?

Intel Core 13th and 14th Generation desktop processors with 65W or higher base power – including K/KF/KS and 65W non-K variants – could be affected by the elevated voltages issue. However, this does not mean that all processors listed are (or will be) impacted by the elevated voltages issue.

Intel continues validation to ensure that scenarios of instability reported to Intel regarding its Core 13th and 14th Gen desktop processors are addressed.

For customers who are or have been experiencing instability symptoms on their 13th and/or 14th Gen desktop processors, Intel continues advising them to reach out to Intel Customer Support for further assistance. Additionally, if customers have experienced these instability symptoms on their 13th and/or 14th Gen desktop processors but had RMA [return merchandise authorization] requests rejected we ask that they reach out to Intel Customer Support for further assistance and remediation.


Will Intel issue a recall?

Will Intel proactively warn buyers of these chips about the warning signs or that this update is required? If so, how will it warn them?

Intel targets to release a production microcode update to OEM/ODM customers by mid-August or sooner and will share additional details on the microcode patch at that time.

Intel is investigating options to easily identify affected processors on end user systems. In the interim, as a general best practice Intel recommends that users adhere to Intel Default Settings on their desktop processors, along with ensuring their BIOS is up to date.

Has Intel halted sales and / or performed any channel inventory recalls while it validates the update?


Does Intel anticipate the fix will be effective for chips that have already been in service but are not yet experiencing symptoms (i.e., invisible degradation)? Are those CPUs just living on borrowed time?

Intel is confident that the microcode patch will be an effective preventative solution for processors already in service, though validation continues to ensure that scenarios of instability reported to Intel regarding its Core 13th/14th Gen desktop processors are addressed.

Intel is investigating options to easily identify affected or at-risk processors on end user systems.

It is possible the patch will provide some instability improvements to currently impacted processors; however customers experiencing instability on their 13th or 14th Generation desktop processor-based systems should contact Intel customer support for further assistance.

Will Intel extend its warranty on these 13th Gen and 14th Gen parts, and for how long? 


Given how difficult this issue was for Intel to pin down, what proof will customers need to share to obtain an RMA? (How lenient will Intel be?)  

What will Intel do for 13th Gen buyers after supply of 13th Gen parts runs out? Final shipments were set to end last month, I’m reading.

Intel is committed to making sure all customers who have or are currently experiencing instability symptoms on their 13th and/or 14th Gen desktop processors are supported in the exchange process. This includes working with Intel’s retail and channel customers to ensure end users are taken care of regarding instability symptoms with their Intel Core 13th and/or 14th Gen desktop processors.

What will Intel do for 14th Gen buyers after supply of 14th Gen parts run out? 

Will replacement / RMA’d chips ship with the microcode update preapplied beginning in August? Is Intel still shipping replacement chips ahead of that update?


Intel will be applying the microcode to 13th/14th Gen desktop processors that are not yet shipped once the production patch is released to OEM/ODM partners (targeting mid-August or sooner). For 13th/14th Gen desktop processors already in service, users will need to apply the patch via BIOS update once available.

What, if anything, can customers do to slow or stop degradation ahead of the microcode update?

Intel recommends that users adhere to Intel Default Settings on their desktop processors, along with ensuring their BIOS is up to date. Once the microcode patch is released to Intel partners, we advise users check for the relevant BIOS updates.

Will Intel share specific manufacturing dates and serial number ranges for the oxidized processors so mission-critical businesses can selectively rip and replace? 

Intel will continue working with its customers on Via Oxidation-related reports and ensure that they are fully supported in the exchange process.


Why does Intel believe the instability issues do not affect mobile laptop chips?

Intel is continuing its investigation to ensure that reported instability scenarios on Intel Core 13th/14th Gen processors are properly addressed.

This includes ongoing analysis to confirm the primary factors preventing 13th / 14th Gen mobile processor exposure to the same instability issue as the 13th/14th Gen desktop processors.  

That’s all we’ve heard from Intel so far, though Hannaford assured us more answers are on the way and that the company is working on remedies.

Again, if your CPU is already damaged, you need to get Intel to replace it, and if Intel won’t do so, please let us know. In the meanwhile, you’ll want to update your BIOS as soon as possible because your processor could potentially be invisibly damaging itself — and if you know your way around a BIOS, you may want to adjust your motherboard to Intel’s default performance profiles, too.


Lastly, here is that Robeytech video that Intel is recommending to Redditors to potentially help them identify if their chip has an issue. Intel says it’s looking into other ways to identify that, too.
