macOS viruses, malware

Key Points


References

Reference description with linked URLs | Notes



Key Concepts


How to improve internet security on macOS




Potential Value Opportunities



Potential Challenges


Cobalt Strike ransomware email phish

https://support.avg.com/answers?id=9065p000000kDSVAA2


Geacon malware removal for macOS

https://www.pcrisk.com/removal-guides/26750-geacon-malware-mac

Geacon could have additional/different functionalities.

To summarize, the presence of software like Geacon on devices can lead to multiple system infections, severe privacy issues, financial losses, and identity theft.

If you suspect that your device is infected with Geacon (or other malware) – immediately perform a complete system scan using an anti-virus and eliminate the detected threats.

How did Geacon malware infiltrate my computer?

Several disguises have been noted in Geacon's distribution. It has been presented as SecureLink – a secure application for remote support. This malware has also been observed opening a decoy PDF document, supposedly containing the resume of a person named Xu Yiqing.

However, other disguises and various proliferation methods are likely in use for Geacon. Generally, malware is primarily spread by employing phishing and social engineering tactics.

The most widely used malware distribution methods include: malicious attachments and links in spam mail (e.g., emails, DMs/PMs, SMSes, etc.), dubious download channels (e.g., freeware and third-party websites, Peer-to-Peer sharing networks, etc.), pirated software and illegal program activation ("cracking") tools, fake updates, online scams, drive-by (stealthy/deceptive) downloads, and malvertising.

What is more, some malicious programs can self-proliferate via local networks and removable storage devices (e.g., external hard drives, flash drives, etc.).

How to avoid installation of malware?

We highly recommend exercising caution while browsing since fraudulent and malicious online content usually appears ordinary and innocuous. The same vigilance must be extended to incoming emails and other messages. We advise against opening attachments or links found in suspect/irrelevant mail, as they can be infectious.

Additionally, all downloads must be performed from official and verified sources. Another recommendation is to activate and update programs by using legitimate functions/tools, as those acquired from third-parties may contain malware.

We must stress the importance of having a dependable anti-virus installed and kept updated. Security software must be used to run regular system scans and to remove detected threats/issues. If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate this malware.

Screenshot of a PDF document used as a distraction during the installation of Geacon malware (source: SentinelOne):


Which malware cleaner is recommended for macOS?


https://cybernews.com/best-antivirus-software

Compare "Malwarebytes" and "PC Matic" on malware detection and removal for macOS

Malwarebytes and PC Matic are both malware detection and removal programs, but they use different methods to protect against malware:

  • Malwarebytes: uses machine learning and artificial intelligence to identify unknown threats as malware. This helps protect users from 0-day malware.

  • PC Matic: uses a global whitelist to identify legitimate programs and stop malware proactively. PC Matic's whitelist is automated, so users don't need to whitelist every program they use. PC Matic also offers other features, such as dark web monitoring, ad blocking, and hard drive defragmentation.

Some say that PC Matic's whitelisting approach is different from other antivirus programs, which use blacklisting to compare programs and files to a list of known malware. However, others say that PC Matic's scanner may block valid programs, resulting in false positives.



Candidate Solutions



Password management


Don't use one global password across sites

Use password formulas rather than fixed strings

Update passwords on the critical sites: financial, government, key vendor, and key work sites

Add MFA (2-step authentication) with SMS, biometrics and more



Apple Mac Pro protection strategy


validate sources for any software, apps, tools, browser extensions, etc. before installing

prefer App Store installs

if installing from another source, add steps to verify that the file's signature is valid, that its size matches what the vendor publishes, and that the source of the file is legitimate

keep the OS reasonably current to get the latest built-in security protections

add the Malwarebytes tool to the Mac Pro to monitor for malware



Purchased a Norton 360 Premium subscription for 10 devices (covers any PC, Mac, smartphone, or tablet)






Step-by-step guide for Example






Recommended Next Steps