LightSpy Spyware can now snoop on your Mac and your iPhone — How to Protect Yourself

After being used to target iPhones and Android smartphones, LightSpy spyware is now able to go after MacBooks following the release of an updated version of the surveillance framework.

As reported by BleepingComputer, LightSpy is a module capable of stealing all kinds of data from victims, including files, screenshots, location data, etc. Until recently, it was only used to target mobile phones and other mobile devices. But according to a new report from ThreatFabric, the macOS version of LightSpy has been making the rounds online since at least the beginning of the year. Fortunately, it is still in the testing phase.

Here's all you need to know about LightSpy along with some tips on how to stay safe from spyware in general.

By exploiting a misconfiguration in LightSpy's control panel, ThreatFabric researchers were able to see how the spyware works, its infrastructure, and the devices previously infected with LightSpy. The hackers behind the spyware are using a WebKit flaw (tracked as CVE-2018-4233) and an old security flaw in Safari (tracked as CVE-2018-4404) to target macOS version 10.13.3 or earlier.

Although it gets a bit technical, the hackers run scripts using 64-bit Mach-O binaries disguised as PNG image files and download second-stage payloads containing more exploits and tools to help gain root access and establish persistence on vulnerable Macs.
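The disguise described above only changes the file name, so a defender can catch it by comparing the extension with the file's leading magic bytes. The sketch below is an added example, not code from ThreatFabric or the original article; the function names and the wider list of image extensions are assumptions made for illustration.

```python
from pathlib import Path
import struct
import sys

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
IMAGE_SUFFIXES = {".png", ".jpg", ".jpeg", ".gif"}  # assumed scope of the check
# Mach-O magic numbers as they appear in the first four bytes on disk.
MACHO_MAGICS = {
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit (little-endian)",
    b"\xfe\xed\xfa\xcf": "Mach-O 64-bit (big-endian)",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit (little-endian)",
    b"\xfe\xed\xfa\xce": "Mach-O 32-bit (big-endian)",
}
FAT_MAGIC = b"\xca\xfe\xba\xbe"  # shared with Java .class files


def classify_header(header: bytes) -> str:
    """Classify a file from its first 8 bytes, ignoring its name."""
    if header.startswith(PNG_SIGNATURE):
        return "png"
    magic = header[:4]
    if magic in MACHO_MAGICS:
        return MACHO_MAGICS[magic]
    if magic == FAT_MAGIC and len(header) >= 8:
        # Universal binaries store a small architecture count here; Java
        # class files store a version word whose low half is 45 or more.
        if struct.unpack(">I", header[4:8])[0] < 45:
            return "Mach-O universal (fat) binary"
    return "unknown"


def find_disguised_images(root: Path) -> list[tuple[Path, str]]:
    """Return (path, kind) for image-named files that are really Mach-O."""
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in IMAGE_SUFFIXES:
            continue
        try:
            with path.open("rb") as fh:
                header = fh.read(8)
        except OSError:
            continue  # unreadable file: skip rather than abort the scan
        kind = classify_header(header)
        if kind.startswith("Mach-O"):
            findings.append((path, kind))
    return findings


if __name__ == "__main__":
    for path, kind in find_disguised_images(Path(sys.argv[1] if len(sys.argv) > 1 else ".")):
        print(f"{path}: named as an image but is {kind}")
```

Run it against a downloads or cache directory; any hit is a file whose name claims to be an image while its header says executable.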

From there, they download and run LightSpy Core on the infected machine, which acts as a central plug-in management system for the spyware framework. It also allows communication between the spyware and the hackers' command and control (C&C) servers.

Unlike other malware and spyware strains that need to be completely rebuilt to target new devices, LightSpy uses plug-ins instead, which makes it easy to create new plug-ins and add them to the spyware to take specific actions on the compromised device.

LightSpy uses 14 plug-ins on Android and 16 on iPhone, but the newer macOS version only uses 10 plug-ins.

These are all of the plug-ins currently used in the Mac version of LightSpy, but more can easily be added later. Also during its investigation, ThreatFabric found references to versions of the spyware for Windows, Linux and Wi-Fi routers, but has yet to determine whether they are currently being used in attacks.

Spyware is still a dangerous threat and one you should be on the lookout for, but unlike other malware strains, it is not a widespread threat. Hackers usually only use it when tracking high-profile targets like CEOs, politicians and other government officials.

Still, in order to stay safe from spyware, the first and most important thing you can do is keep your devices updated and running the latest software. This is because Apple frequently patches zero-day flaws on iPhones and Macs that hackers exploit to install spyware on vulnerable devices. For example, in this LightSpy campaign targeting Macs, the hackers behind it have been using two flaws from 2018. Cybercriminals love to go after users who have not yet updated their devices, so don't make things easier for them by failing to update yours in a timely manner.

From here, you should consider using Mac antivirus software to keep your Apple computer safe from spyware and other viruses. macOS has its own malware scanner built in, in the form of XProtect, but paid antivirus software often comes with useful additional features such as a VPN and password manager to keep you even more secure online.

I seriously doubt that this is the last time we will hear about LightSpy spyware, which is why you need to be extra careful when opening attachments, clicking links in emails and messages or downloading files online. Practicing good cyber hygiene and using antivirus software will keep you safe from most threats, especially if you take the time to think things through rather than letting your emotions get the better of you.
