Complicated week when it comes to malware for Macs and it is that again another malware has been discovered this week as we can read in the apple insider website. In this case it is different from the malware we have seen this week Eleanor, since apparently we would infect ourselves directly from a compressed .zip file which contains a .txt text file or a .jpg image which contains the malicious code.
In this sense, the name of the file has a space at the beginning, which opens the executable Mach-o in the terminal that just when we open it with a double click, it opens and closes very quickly. This means that it is this new OS X malware of unknown origin named by security firm ESET: OSX / Keydnap. OSX / Keydnap is the second Mac malware revealed in a week.
If we have Gatekeeper configured and active in our Mac we will not have problems since immediately after pressing the security systems will be activated and will warn us with the message that this is a file from an unidentified developer stopping the launch of the malicious file on the Mac. In the case of not having Gatekeeper active or properly configured, this malware would roam freely on our Mac with the serious consequences that this entails and trying to obtain root access to the system to obtain credentials or confidential user information.
For those of you unfamiliar, Gatekeeper is a feature that has been practically always present in OS X as a security measure to prevent malicious code from running on the system that is not signed by trusted developers By means of a certificate, deactivating it can sometimes be harmful to the user, as in this case, but there is no need to be alarmed either, since using common sense and if you are not one of those who download "everything finds" over the network, you should have no problem.
Excellent information, but how can we verify that our Mac has the Gatekeeper active? And if it is not found, how can we obtain or activate it?
Thanks for your attention