|
In-the-wild Mac malware kept busy in June - TechAmok
In-the-wild Mac malware kept busy in June - [security] 07:53 AM EDT - Jun,30 2019 - post a comment June was a busy month for Mac malware with the active circulation of at least six threats, several of which were able to bypass security protections Apple has built into modern versions of its macOS. The latest discovery was published Friday by Mac antivirus provider Intego, which disclosed malware dubbed OSX/CrescentCore that's available through Google search results and other mainstream channels. It masquerades as an updater or installer for Adobe's Flash media player, but it's in fact just a persistent means for its operators to install malicious Safari extensions, rogue disk cleaners, and potentially other unwanted software.
OSX/CrescentCore is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer.
However, unlike the typical, everyday, fake Flash Player updater, OSX/CrescentCore has some extra capabilities in an effort to make it more difficult for antivirus software to detect, and more difficult for malware analysts to examine and reverse engineer.
If a user opens the .dmg disk image and opens the Player app (which has a Flash Player icon), the Trojan horse will first check to see whether it is running inside a virtual machine (VM). Malware analysts often examine malware inside a VM to avoid unintentionally infecting their own computers while working with dangerous files, so malware authors sometimes implement VM detection and behave differently to make it more difficult to analyze the malware's behavior.
The OSX/CrescentCore Trojan app also checks to see whether any popular Mac antivirus programs are installed.
If the malware determines that it's running within a VM environment or with anti-malware software present, it will simply exit and not proceed to do anything further.
For Mac users without antivirus software, however, the Trojan will proceed to install a LaunchAgent-a persistent infection.
A second variant of this malware is currently under analysis. Depending on the variant, the Trojan installer may install rogue software known as "Advanced Mac Cleaner" (OSX/AMC) or install a malicious Safari browser extension.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
Mar,28 2024 Intel's Battle Has Just Begun Mar,27 2024 Unreal Physics is a new free game on Steam Mar,27 2024 Is The World's Cheapest Hardware Wallet SafePal S1 Worth It? Mar,27 2024 Yes, this was a Bad Idea (Emergency Wall-Mounted PC Build) Mar,27 2024 11 Cool Command Line Programs You Need to See Mar,26 2024 When you Accidentally Compromise every CPU on Earth Mar,24 2024 Everyone Who Tried This Has FAILED - Khadas Mind Modular PC Mar,24 2024 Air Cooling is Dead Mar,24 2024 US Justice Dept. Sues Apple for Monopolistic Behavior in Smartphones Mar,24 2024 Beetlejuice Beetlejuice - Official Teaser Trailer (2024) Michael Mar,22 2024 Alien: Romulus | Teaser Trailer Mar,22 2024 NVIDIA Is On a Different Planet Mar,21 2024 Everyone Needs This and it's Under $10 - Handy Tech Under $100 Mar,21 2024 20 COOL GADGETS FOR 2024 Mar,21 2024 Nvidia's 5090 Is Built From WHAT?! Mar,20 2024 Parasyte: The Grey | Official Trailer | Netflix Mar,20 2024 Fastest m.2 on Planet EARTH | Crucial T705 Nvme Review Mar,20 2024 LG's new 480Hz OLED dual-mode monitor Mar,19 2024 First 9.1 GHz CPU (overclocked 14900KS) Mar,18 2024 Haley Messick - Saatisfaction @bennybenassi - In10sive Mastercamp Mar,18 2024 1000W CPU: The Most Powerful Desktop Processor Mar,18 2024 Expands Snapdragon 8 Series to Cover More Price Points Mar,17 2024 Train Vs Lamborghini Mar,16 2024 Don't use a Microsoft Account! Mar,16 2024 This Ghillie Made from MIRRORS is SHOCKINGLY GOOD Mar,16 2024 How Hackers Deliver Malware to Hack you using Social Media Mar,15 2024 Call of Duty: Warzone Mobile - Launch Trailer Mar,14 2024 Intel's 4th Attempt At Beating Ryzen - "New" 6.2GHz Core Mar,14 2024 Asus Goes Big with Zenfone 11 Ultra Mar,14 2024 House Passes Bill to Force Sale of TikTok Mar,14 2024 Motorola Brings More Affordable 5G Phones to its 2024 Lineup Mar,14 2024 Capristan Swim - Miami Swim Week | Art Basel Miami Mar,11 2024 The Most Stunning All SSD NAS Ever? Inside QNAP's All-SSD Mar,11 2024 M2 vs M3 MacBook Air - ULTIMATE Comparison! Mar,11 2024 Risky PC Experiment: Direct CPU Water-Cooling! Can It Survive? Mar,11 2024 SpaceX Falcon 9 rocket launches 23 Starlink satellites from Mar,10 2024 I tried the Cheapest Arduino Alternative (that Nobody heard of) Mar,10 2024 This is the WEIRDEST PC I've ever seen. Mar,10 2024 Nvidia Retires GTX 16 Series, GDDR7 Arrives, FSR Upscaling Going AI? Mar,09 2024 The New BIOS Hack That Bypasses Every Antivirus
>> News Archive <<
| |
|