SecureMac, Inc.

Allegedly “Undetectable” Malware Offered for Hefty Darknet Price Tag

March 22, 2017

Though many of its now-famous hidden marketplaces have been taken down by law enforcement, the darknet continues to be a home for the web’s seediest characters. The latest item to hit the market and generate buzz isn’t an illegal substance — instead, it’s illegal software. Several outlets have reported that an anonymous darknet user is currently making attempts to sell an allegedly unreleased “remote administration tool,” or RAT, for Macs.

Dubbed “Proton,” when installed this software gives attackers full control over a user’s machine. That includes downloading more …

Allegedly “Undetectable” Malware Offered for Hefty Darknet Price Tag

Though many of its now-famous hidden marketplaces have been taken down by law enforcement, the darknet continues to be a home for the web’s seediest characters. The latest item to hit the market and generate buzz isn’t an illegal substance — instead, it’s illegal software. Several outlets have reported that an anonymous darknet user is currently making attempts to sell an allegedly unreleased “remote administration tool,” or RAT, for Macs.

Dubbed “Proton,” when installed this software gives attackers full control over a user’s machine. That includes downloading more malware, accessing your Mac’s webcam, or stealing files off the hard drive. An attacker could accomplish all of this without ever alerting the user to the compromised nature of their machine. In other words, it’s a very powerful tool. Additionally, the hackers selling the malware claim they can provide a valid security certificate to accompany the software. Therefore, macOS’s Gatekeeper feature would simply see the malware as a valid piece of Apple software.

If it were to function as described, it would indeed be a powerful piece of malware. Perhaps more startling than the author’s functionality claims is the malware’s price tag. The author is asking for 40 bitcoins, the equivalent of about $50,000. Though one might expect that price to fluctuate, there is yet no evidence that any buyers have taken an interest in the offering. Some researchers speculate this is because other Mac RATs are already available for free — attackers just need to find a way to trick users into installing them.

Will Proton be malware that users need to worry about anytime soon? It’s difficult to say. Even so, security researchers now know of its existence. Should it reach the public Internet, detecting it will only be a matter of time. This reminds us of the need for a clear and continuous focus on security.

As always, it is important for you to continue being cautious wherever you go on the web. Pay attention to the links you click on and where they lead to, and beware of downloading anything from untrustworthy websites. Generally speaking, there are only a few places on the web from which you should trust downloads. While it seems unlikely that this particular piece of malware will hit the web — if it even works — users should continue to be mindful. Staying safe and secure in a digital world is no part time job, after all.

Get the latest security news and deals