ESET¤Ï7·î19Æü(Êƹñ»þ´Ö)¡¢¥»¥­¥å¥ê¥Æ¥£¥Ö¥í¥°I see what you did there: A look at the CloudMensis macOS spyware¡ÃWeLiveSecurity¡×¤Ë¤ª¤¤¤Æ¡¢Mac¤òɸŪ¤È¤·¤¿¥¹¥Ñ¥¤¥¦¥§¥¢¤¬´Ñ¬¤µ¤ì¤Æ¤¤¤ë¤ÈÅÁ¤¨¤¿¡£CloudMensis¤È̾ÉÕ¤±¤é¤ì¤¿¤½¤Î¥¹¥Ñ¥¤¥¦¥§¥¢¤Ï¡¢¥Ú¥¤¥í¡¼¥É¤ä¥Õ¥¡¥¤¥ë¤Îή½Ð¤ËpCloud¡¢Yandex Disk¡¢Dropbox¤Ê¤É¤Î¥Ñ¥Ö¥ê¥Ã¥¯¥¯¥é¥¦¥É¥¹¥È¥ì¡¼¥¸¥µ¡¼¥Ó¥¹¤òÍøÍѤ·¤Æ¤¤¤ë¤³¤È¤¬¤ï¤«¤Ã¤Æ¤¤¤ë¡£

I see what you did there: A look at the CloudMensis macOS spyware¡ÃWeLiveSecurity

CloudMensis¤Ï2022ǯ4·î¤Ë´Ñ¬¤µ¤ì¤¿¡¢Objective-C¤Ç³«È¯¤µ¤ì¤¿Mac¥æ¡¼¥¶¡¼¤òÁÀ¤Ã¤¿¥Þ¥ë¥¦¥§¥¢¡£Intel¤ÈApple¤ÎξÊý¤Î¥·¥ê¥³¥ó¥¢¡¼¥­¥Æ¥¯¥Á¥ã¤ò¹¶·â¤Ç¤­¤ë¤è¤¦À߷פµ¤ì¤Æ¤¤¤ë¡£CloudMensis¤Ï¥³¡¼¥É¼Â¹Ô¤È´ÉÍý¼Ô¸¢¸Â¤ò°­ÍѤ·¡¢pCloud¤Ë¤¢¤ë¥Ú¥¤¥í¡¼¥É¤ò¥À¥¦¥ó¥í¡¼¥É¤·¤Æµ¯Æ°¤¹¤ë¡£¤³¤Î¥Ú¥¤¥í¡¼¥É¤ÏƱ¤¸¤¯pCloud¤Ë¥Û¥¹¥È¤µ¤ì¤Æ¤¤¤ë¥Þ¥ë¥¦¥§¥¢¤ò¥Õ¥§¥Ã¥Á¤·¤Æ¼Â¹Ô¤¹¤ë¤¿¤á¤ËÍøÍѤµ¤ì¤ë¡£¼¡¤Ë¥À¥¦¥ó¥í¡¼¥É¤µ¤ì¤¿¥Þ¥ë¥¦¥§¥¢¤Ë¤è¤Ã¤ÆMac¤Ë¤¢¤ë¥É¥­¥å¥á¥ó¥È¤ä¥¹¥¯¥ê¡¼¥ó¥·¥ç¥Ã¥È¡¢ÅŻҥ᡼¥ë¤ÎźÉÕ¥Õ¥¡¥¤¥ë¤Ê¤É¤¬¥¯¥é¥¦¥É¥¹¥È¥ì¡¼¥¸¥µ¡¼¥Ó¥¹¤Ëή½Ð¤¹¤ë»ÅÁȤߤȤʤäƤ¤¤ë¡£

CloudMensis¤Ë¤Ï¥»¥­¥å¥ê¥Æ¥£¥Õ¥ì¡¼¥à¥ï¡¼¥¯¡¢TCC¡ÊTransparency, Consent, and Control¡Ë¤ò²óÈò¤¹¤ëµ¡Ç½¤¬¼ÂÁõ¤µ¤ì¤Æ¤¤¤ë¡£TCC¤ò²óÈò¤¹¤ë¤³¤È¤Ç¥æ¡¼¥¶¡¼¤ÎƱ°Õ¤òÆÀ¤ë¤³¤È¤Ê¤¯¡¢¥É¥­¥å¥á¥ó¥È¡¢¥À¥¦¥ó¥í¡¼¥É¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢iCloud Drive¡¢¥Í¥Ã¥È¥ï¡¼¥¯¥Ü¥ê¥å¡¼¥àÆâ¤Î¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤³¤È¤¬²Äǽ¤È¤Ê¤Ã¤Æ¤¤¤ë¡£¤³¤Îµ¡Ç½¤Ï2020ǯ¤Ëȯ¸«¤µ¤ì¤¿ÀȼåÀ­(CVE-2020-9934)¤¬°­ÍѤµ¤ì¤Æ¤¤¤ë¤È¤Î¤³¤È¤À¡£

ESET¤Ë¤è¤ë¤È¡¢CloudMensis¤ÏMac¥æ¡¼¥¶¡¼¤Ë¤È¤Ã¤Æ¶¼°Ò¤À¤¬¡¢¥³¡¼¥É¤Î°ìÈÌŪ¤ÊÉʼÁ¤ÈÆñÆɲ½¤Î·çÇ¡¤«¤éºîÀ®¼Ô¤¬Mac¤Î³«È¯¤Ë¤¢¤Þ¤êÀºÄ̤·¤Æ¤ª¤é¤º¡¢¤½¤ì¤Û¤É¹âÅ٤Ǥʤ¤²ÄǽÀ­¤¬¤¢¤ë¤È»ØŦ¡£¤Þ¤¿¡¢¤³¤Î¶¼°Ò¤Ë¥¼¥í¥Ç¥£ÀȼåÀ­¤Ï»È¤ï¤ì¤Æ¤¤¤Ê¤¤¤³¤È¤¬Êó¹ð¤µ¤ì¤Æ¤¤¤ë¡£¤·¤¿¤¬¤Ã¤Æ¡¢¤³¤Î¥Þ¥ë¥¦¥§¥¢¤ËÂФ·¤Æ¤Ï¡¢ºÇ¿·¤ÎMac¤Ë¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ë¤³¤È¤ÇÂкö¤Ç¤­¤ë¤È¤µ¤ì¤Æ¤¤¤ë¡£