/?pid=in-the-wild-mac-malware-kept-busy-in-june-20931

Updated:03:14 AM EDT Oct 04
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 In-the-wild Mac malware kept busy in June - TechAmok

In-the-wild Mac malware kept busy in June - [security]
07:53 AM EDT - Jun,30 2019 - post a comment

June was a busy month for Mac malware with the active circulation of at least six threats, several of which were able to bypass security protections Apple has built into modern versions of its macOS. The latest discovery was published Friday by Mac antivirus provider Intego, which disclosed malware dubbed OSX/CrescentCore that's available through Google search results and other mainstream channels. It masquerades as an updater or installer for Adobe's Flash media player, but it's in fact just a persistent means for its operators to install malicious Safari extensions, rogue disk cleaners, and potentially other unwanted software.
OSX/CrescentCore is delivered as a Trojan horse application on a .dmg disk image, masquerading as an Adobe Flash Player installer.

However, unlike the typical, everyday, fake Flash Player updater, OSX/CrescentCore has some extra capabilities in an effort to make it more difficult for antivirus software to detect, and more difficult for malware analysts to examine and reverse engineer.

If a user opens the .dmg disk image and opens the Player app (which has a Flash Player icon), the Trojan horse will first check to see whether it is running inside a virtual machine (VM). Malware analysts often examine malware inside a VM to avoid unintentionally infecting their own computers while working with dangerous files, so malware authors sometimes implement VM detection and behave differently to make it more difficult to analyze the malware's behavior.

The OSX/CrescentCore Trojan app also checks to see whether any popular Mac antivirus programs are installed.

If the malware determines that it's running within a VM environment or with anti-malware software present, it will simply exit and not proceed to do anything further.

For Mac users without antivirus software, however, the Trojan will proceed to install a LaunchAgent-a persistent infection.

A second variant of this malware is currently under analysis. Depending on the variant, the Trojan installer may install rogue software known as "Advanced Mac Cleaner" (OSX/AMC) or install a malicious Safari browser extension.

Short overview of recent news articles

Chasing a Gaming World Record (Oct,04 2025 )

Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar (Oct,02 2025 )

iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra (Oct,02 2025 )

iOS 26.0.1 is Out! - What's New? (Sep,30 2025 )

NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h (Sep,30 2025 )

Samsung One UI 8.5 Hands on - I Was Wrong (Sep,29 2025 )

iPhone Air Teardown - What is 3D Printed Titanium? (Sep,28 2025 )

Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T (Sep,28 2025 )

The Astronaut - Official Trailer (2025) Kate Mara, Laurence (Sep,27 2025 )

iPhone 17 Durability Test -- What Scratches are Permanent? (Sep,25 2025 )

iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! (Sep,23 2025 )

Race Highlights: A Swing In The Drivers' Title Fight? | 2025 (Sep,21 2025 )

BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record (Sep,21 2025 )

I'm FIRST to Unbox The World's Biggest TV (Sep,21 2025 )

Samsung Begins Rollout of Android 16 to Rest of Lineup (Sep,21 2025 )

iOS 26 Now Available, with Visual Intelligence (Sep,21 2025 )

Apple's iPhone 17 Series is Nearly Hack-Proof (Sep,21 2025 )

Qualifying Highlights - 2025 Azerbaijan Grand Prix (Sep,21 2025 )

iPhone 17 Pro vs Samsung S25 Ultra Camera Comparison! (Sep,20 2025 )

iPhone Air Durability test -- I AM SHOCKED (Sep,20 2025 )

Microsoft warns Office 2016/2019 users to switch to the cloud as (Sep,15 2025 )

Get Windows 11 25H2 Right Now (Sep,15 2025 )

iPhone 17 Pro VS iPhone 16 Pro VS iPhone 15 Pro VS iPhone 14 Pro (Sep,14 2025 )

What's the AMD Alternative to an RTX 5070? (Sep,11 2025 )

Apple got my wife, they might get me next... (Sep,10 2025 )

Which Phone Has The Fastest Wi-Fi 7? (Sep,09 2025 )

Apple Event - September 9 (Sep,09 2025 )

Ferrari F430 *MANUAL* with TUBI EXHAUST SCREAMING on the AUTOBAHN! (Sep,08 2025 )

AMD Adrenalin 25.9.1 Driver (Sep,08 2025 )

Google Brings AI Text Tools to its Keyboard (Sep,08 2025 )

The Fastest Lap In F1 History: Max Verstappen's Pole Lap | 2025 (Sep,06 2025 )

You can't download and install Windows 11 25H2 yet as Microsoft (Sep,06 2025 )

A House of Dynamite - Official Teaser (2025) Rebecca Ferguson, Greta (Sep,04 2025 )

RTX 5060 Ti 16GB + Ryzen 5 5600 : Test in 17 Games (Sep,04 2025 )

BUGONIA Trailer 2 (2025) Emma Stone, Jesse Plemons (Sep,02 2025 )

Huawei unveils world-leading AI supercharged hard drive to power (Sep,02 2025 )

AM4 Lives: AMD Ryzen 5 5500X3D CPU Review & Benchmarks (Sep,01 2025 )

I was wrong, iPhone IS better than Android...- 30 Day iPhone (Aug,29 2025 )

303KM/H BMW X5 M50i GPOWER SOUNDS LIKE THUNDER (Aug,29 2025 )

NVIDIA GeForce 581.15 WHQL drivers (Aug,29 2025 )

Apple Intelligence vs Galaxy AI / Google Pixel AI / Xiaomi HyperAI - (Aug,28 2025 )

The Woman in Cabin 10 - Official Trailer (Aug,28 2025 )

YANGWANG U9 Breaks Global EV Top Speed Record (Aug,28 2025 )

AMD B850 Motherboard Roundup: Sub $200 Models (Aug,26 2025 )

Gamers Nexus: Our Channel Could Be Deleted (Aug,25 2025 )

2025 Audi A5 E-Hybrid 299HP "250KMH is back!!" // REVIEW on (Aug,24 2025 )

I Can't Stop You From Buying This... But I'll Try - GeForce RTX (Aug,23 2025 )

NVIDIA GeForce 581.08 WHQL Driver (Aug,23 2025 )

Murcielago with flames chasing an F1 car on highway (2025) (Aug,21 2025 )

Windows 11 24H2 Security Update Causes SSD/HDD Failures and (Aug,18 2025 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs