this is ggmania.com subsite In-the-wild Mac malware kept busy in June - TechAmok

In-the-wild Mac malware kept busy in June - [security]
07:53 AM EDT - Jun,30 2019

June was a busy month for Mac malware with the active circulation of at least six threats, several of which were able to bypass security protections Apple has built into modern versions of its macOS. The latest discovery was published Friday by Mac antivirus provider Intego, which disclosed malware dubbed OSX/CrescentCore that's available through Google search results and other mainstream channels. It masquerades as an updater or installer for Adobe's Flash media player, but it's in fact just a persistent means for its operators to install malicious Safari extensions, rogue disk cleaners, and potentially other unwanted software.

OSX/CrescentCore is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer.

However, unlike the typical, everyday, fake Flash Player updater, OSX/CrescentCore has some extra capabilities in an effort to make it more difficult for antivirus software to detect, and more difficult for malware analysts to examine and reverse engineer.

If a user opens the .dmg disk image and opens the Player app (which has a Flash Player icon), the Trojan horse will first check to see whether it is running inside a virtual machine (VM). Malware analysts often examine malware inside a VM to avoid unintentionally infecting their own computers while working with dangerous files, so malware authors sometimes implement VM detection and behave differently to make it more difficult to analyze the malware's behavior.

The OSX/CrescentCore Trojan app also checks to see whether any popular Mac antivirus programs are installed.

If the malware determines that it's running within a VM environment or with anti-malware software present, it will simply exit and not proceed to do anything further.

For Mac users without antivirus software, however, the Trojan will proceed to install a LaunchAgent: a persistent infection.

A second variant of this malware is currently under analysis. Depending on the variant, the Trojan installer may install rogue software known as "Advanced Mac Cleaner" (OSX/AMC) or install a malicious Safari browser extension.
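
A defender-side check for the LaunchAgent persistence described above, as an added example that is not from Intego or the original post: it parses LaunchAgent plists and flags jobs whose executable lives outside system or application paths or under a hidden directory. The trusted-prefix list, the two heuristics and both sample plists are constructed assumptions, not indicators for OSX/CrescentCore.

```python
import plistlib
from pathlib import Path

# Assumption: heuristic list of locations where OS and vendor agents normally live.
TRUSTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/", "/Library/", "/Applications/")

def assess_agent(data: bytes) -> dict:
    """Parse one LaunchAgent plist (XML or binary) and list reasons to review it."""
    try:
        job = plistlib.loads(data)
    except Exception:
        job = None
    if not isinstance(job, dict):
        return {"label": None, "program": None, "at_login": False,
                "reasons": ["unparseable plist"]}
    args = job.get("ProgramArguments") or []
    program = job.get("Program") or (args[0] if args else None)
    reasons = []
    if program is None:
        reasons.append("no Program or ProgramArguments")
    else:
        program = str(program)
        if not program.startswith(TRUSTED_PREFIXES):
            reasons.append("executable outside system/application paths")
        if any(part.startswith(".") for part in Path(program).parts[1:]):
            reasons.append("executable under a hidden path component")
    # RunAtLoad/KeepAlive are normal for agents; reported as context, not as a flag.
    at_login = bool(job.get("RunAtLoad") or job.get("KeepAlive"))
    return {"label": job.get("Label"), "program": program,
            "at_login": at_login, "reasons": reasons}

def scan(dirs):
    """Return (path, assessment) for every plist in dirs that has review reasons."""
    findings = []
    for d in dirs:
        for path in sorted(Path(d).glob("*.plist")):
            result = assess_agent(path.read_bytes())
            if result["reasons"]:
                findings.append((str(path), result))
    return findings

# Constructed sample plists (not real indicators) so the logic can be run offline.
SAMPLE_SUSPECT = plistlib.dumps({
    "Label": "com.example.constructed.updater", "RunAtLoad": True,
    "ProgramArguments": ["/Users/alice/Library/Application Support/.constructed/helper"]})
SAMPLE_BENIGN = plistlib.dumps({
    "Label": "com.example.constructed.vendor", "RunAtLoad": True,
    "Program": "/Applications/Example.app/Contents/MacOS/helper"})

if __name__ == "__main__":
    for path, result in scan([Path.home() / "Library/LaunchAgents", "/Library/LaunchAgents"]):
        print(path, result["label"], result["program"], "; ".join(result["reasons"]))
```

A flagged entry is a prompt for manual review, since legitimate per-user software also installs agents under the home directory.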
