Security researchers at Sixgill say they’ve encountered a post in one of the leading, closed Russian cybercrime message boards. The author of the thread announced a RAT [remote access trojan] dubbed Proton, intended for installation exclusively on Macs.
The author claims to have written the malware in native Objective C, the advantage being that the malware doesn’t require any dependencies. The author also claims the app is fully-undetected by any existing macOS anti-viruses currently in the market.
Proton RAT is apparently capable of running real-time console commands and file manipulation, keylogging, SSH/VNC connectivity, screenshot capture, webcam operation, and also has “the ability to present a custom native window requesting information such as a credit card, driver’s license and more, according to the team.
The malware also boasts the capability of iCloud access, even when two-factor authentication is enabled, Sixgill says.
The creator of Proton attempted to market it as a supposedly legitimate security tool. So please be careful when downloading any software. If you’re not 100% certain it’s legit, DON’T download it.