In-the-wild Mac malware kept busy in June - TechAmok
[security] 07:53 AM EDT - Jun,30 2019

June was a busy month for Mac malware with the active circulation of at least six threats, several of which were able to bypass security protections Apple has built into modern versions of its macOS. The latest discovery was published Friday by Mac antivirus provider Intego, which disclosed malware dubbed OSX/CrescentCore that's available through Google search results and other mainstream channels. It masquerades as an updater or installer for Adobe's Flash media player, but it's in fact just a persistent means for its operators to install malicious Safari extensions, rogue disk cleaners, and potentially other unwanted software.
OSX/CrescentCore is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer.
However, unlike the typical, everyday, fake Flash Player updater, OSX/CrescentCore has some extra capabilities in an effort to make it more difficult for antivirus software to detect, and more difficult for malware analysts to examine and reverse engineer.
If a user opens the .dmg disk image and opens the Player app (which has a Flash Player icon), the Trojan horse will first check to see whether it is running inside a virtual machine (VM). Malware analysts often examine malware inside a VM to avoid unintentionally infecting their own computers while working with dangerous files, so malware authors sometimes implement VM detection and behave differently to make it more difficult to analyze the malware's behavior.
The OSX/CrescentCore Trojan app also checks to see whether any popular Mac antivirus programs are installed.
If the malware determines that it's running within a VM environment or with anti-malware software present, it will simply exit and not proceed to do anything further.
For Mac users without antivirus software, however, the Trojan will proceed to install a LaunchAgent, a persistent infection.
A second variant of this malware is currently under analysis. Depending on the variant, the Trojan installer may install rogue software known as "Advanced Mac Cleaner" (OSX/AMC) or install a malicious Safari browser extension.