Researchers Leverage ChatGPT to Expose Notorious macOS Malware

Dubbed HVNC, the malware is being sold on a Russian hacker and cybercrime forum for $60,000.


  1. The HVNC macOS malware tool is designed to target SMEs.
  2. The malware tool is effective on a wide range of macOS versions.
  3. This is a reminder that Macs are not immune to cyberattacks
  4. The creators of the malware tool have placed a large escrow deposit, which shows their confidence in the tool’s effectiveness.

Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.

Guardz Cyber Intelligence Research (CIR) team has uncovered a sophisticated and perilous macOS malware tool being sold on the notorious Russian cybercrime forum “Exploit.” Leveraging a lead from ChatGPT, the team has unearthed a Hidden Virtual Network Computer (HVNC) tool, designed to seize control of Macs within small to medium-sized enterprises (SMEs).

HVNC: New macOS Malware Lets Hackers Infiltrate Devices Covertly
ChatGPT assisting researchers (screenshot: Guardz)

HVNC is a malicious tool that enables cybercriminals to infiltrate Mac devices without the victim’s knowledge. Unlike conventional remote control technologies, HVNC operates covertly, creating a hidden desktop session that escapes the user’s awareness. 

According to Guardz CIR’s report, the tool was available for the staggering price of $60,000. For this sum, cybercriminals gain access to a malicious tool capable of persistently running on a Mac, evading user authorization, and executing a range of invasive functions. The tool is effective on a spectrum of macOS versions, from 10 up to macOS Ventura 13.2.

The creators of this tool, presumed to be Russian hackers, have taken their malevolent endeavours to new heights. To substantiate the tool’s credibility, an astonishing $100,000 deposit has been placed in an escrow account, earmarked as insurance should the tool fail to deliver as promised. This unprecedented measure shows the hackers’ confidence in their creation and its grave implications.

HVNC: New macOS Malware Lets Hackers Infiltrate Devices Covertly
Post by malware author on a Russian cybercrime and hacker forum (screenshot: Guardz)

Historically, Macs have enjoyed relative immunity compared to their Windows counterparts, but this equilibrium is being disrupted. Cybercriminals are increasingly targeting Macs, a trend that demands heightened awareness from both individual users and businesses alike.

Updating to the latest macOS version and refraining from downloading applications from untrusted sources is paramount. Employing reliable antivirus software, complemented by regular security audits, will further bolster defence mechanisms. 

  1. MacStealer Malware Targeting macOS Catalina Devices
  2. macOS Users Targeted by Chinese Iron Tiger APT Group
  3. SysJoker backdoor targeting Windows, macOS & Linux Devices
  4. DazzleSpy malware infects macOS devices through hacked sites
  5. UpdateAgent malware variant mimics legitimate macOS software
Related Posts