

In-the-wild Mac malware kept busy in June - TechAmok


In-the-wild Mac malware kept busy in June - [security]
07:53 AM EDT - Jun,30 2019

June was a busy month for Mac malware with the active circulation of at least six threats, several of which were able to bypass security protections Apple has built into modern versions of its macOS. The latest discovery was published Friday by Mac antivirus provider Intego, which disclosed malware dubbed OSX/CrescentCore that's available through Google search results and other mainstream channels. It masquerades as an updater or installer for Adobe's Flash media player, but it's in fact just a persistent means for its operators to install malicious Safari extensions, rogue disk cleaners, and potentially other unwanted software.
OSX/CrescentCore is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer.

However, unlike the typical, everyday, fake Flash Player updater, OSX/CrescentCore has some extra capabilities in an effort to make it more difficult for antivirus software to detect, and more difficult for malware analysts to examine and reverse engineer.

If a user opens the .dmg disk image and opens the Player app (which has a Flash Player icon), the Trojan horse will first check to see whether it is running inside a virtual machine (VM). Malware analysts often examine malware inside a VM to avoid unintentionally infecting their own computers while working with dangerous files, so malware authors sometimes implement VM detection and behave differently to make it more difficult to analyze the malware's behavior.

The OSX/CrescentCore Trojan app also checks to see whether any popular Mac antivirus programs are installed.

If the malware determines that it's running within a VM environment or with anti-malware software present, it will simply exit and not proceed to do anything further.

For Mac users without antivirus software, however, the Trojan will proceed to install a LaunchAgent, a persistent infection.

A second variant of this malware is currently under analysis. Depending on the variant, the Trojan installer may install rogue software known as "Advanced Mac Cleaner" (OSX/AMC) or install a malicious Safari browser extension.
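For defenders, the LaunchAgent persistence described above can be reviewed by parsing launchd job plists and flagging jobs that auto-start a program from an unusual location. The following is an added example, not code from Intego or from this article; the heuristics, labels and paths are assumptions constructed for illustration and are not published OSX/CrescentCore indicators.

```python
import plistlib

# Assumed review heuristics, not indicators taken from the article.
TRUSTED_PREFIXES = ("/Applications/", "/System/", "/Library/", "/usr/")
RISKY_PARTS = ("/tmp/", "/Users/Shared/", "/.")  # temp, shared or hidden dirs

def program_of(job):
    """Return the executable a launchd job starts."""
    if job.get("Program"):
        return job["Program"]
    args = job.get("ProgramArguments") or []
    return args[0] if args else ""

def audit(plist_bytes):
    """Parse one LaunchAgent plist; return the reasons it deserves review."""
    try:
        job = plistlib.loads(plist_bytes)
    except Exception:
        return ["unparseable plist"]
    reasons, prog = [], program_of(job)
    if not prog:
        reasons.append("no program specified")
    elif not prog.startswith(TRUSTED_PREFIXES):
        reasons.append(f"program outside standard locations: {prog}")
    if any(part in prog for part in RISKY_PARTS):
        reasons.append("program in temp, shared or hidden directory")
    if reasons and (job.get("RunAtLoad") or job.get("KeepAlive")):
        reasons.append("starts automatically (RunAtLoad/KeepAlive)")
    return reasons

# Constructed sample jobs (labels and paths are invented for this example).
HIDDEN = "/Users/alice/Library/Application Support/.helper/updater"
SAMPLES = {
    "com.example.updater.plist": plistlib.dumps(
        {"Label": "com.example.updater",
         "ProgramArguments": [HIDDEN, "--silent"], "RunAtLoad": True}),
    "com.example.vendor.agent.plist": plistlib.dumps(
        {"Label": "com.example.vendor.agent",
         "Program": "/Applications/Vendor.app/Contents/MacOS/agent",
         "RunAtLoad": True}),
}

def audit_all(samples):
    """Map each flagged plist name to its list of reasons."""
    return {n: r for n, data in samples.items() if (r := audit(data))}

if __name__ == "__main__":
    for name, reasons in audit_all(SAMPLES).items():
        print(name, "->", "; ".join(reasons))
```

On a real Mac the same `audit` function can be fed the bytes of each file under `~/Library/LaunchAgents` and `/Library/LaunchAgents`; a flagged job is a prompt for manual review, not proof of infection.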
