Researchers have discovered a previously unknown variant of the Gimmick malware targeting Mac systems. Gimmick is believed to be a form of spyware from a Chinese threat actor called Storm Cloud. The ongoing campaign targets both macOS and Windows, and aims to be stealthy and hard to spot.
The malware is obfuscated and, once executed, connects to Google Drive to retrieve new commands. The available commands are basic, such as downloading a file, uploading a file and executing a command, but they cover everything the attackers need.
Acronis Cyber Protect Cloud offers threat-agnostic protection for macOS, detecting and blocking even new malware like Gimmick before it can cause system damage or data loss.