1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • MacOS devices are being targeted by pirated apps that want to hij

    From TechnologyDaily@1337:1/100 to All on Fri Jan 19 18:00:05 2024
    MacOS devices are being targeted by pirated apps that want to hijack your machine

    Date:
    Fri, 19 Jan 2024 17:47:34 +0000

    Description:
    Hackers are hiding malware in pirated macOS apps to target vulnerable devices and endpoints.

    FULL STORY ======================================================================

    Cybersecurity researchers from Jamf Threat Labs have uncovered a new piece of malware targeting macOS users.

    The malware , though unnamed, shares many similarities with another malicious piece of code discovered in 2021, called ZuRu.

    In a detailed report , the researchers said the malware was found hiding in three separate, pirated software. The software, including Microsoft Remote Desktop, was found on a Chinese website that provides links to different pirated applications. The ghost of ZuRu

    If a user downloads and runs any of the compromised applications, the malware will download and execute multiple payloads in the background. These payloads are all tasked with different things, from serving as a dropper, to being a backdoor, to working as a persistent downloader to deliver additional malicious payloads.

    The targets, obviously, seem to be Chinese macOS users, similar to what ZuRu did three years ago.

    Back in 2021, cybersecurity researchers from Objective-See and Trend Micro observed ZuRu hiding in pirated versions of applications such as iTerm, SecureCRT, Navicat Premium, and Remote Desktop Client. The people that downloaded these apps found them working as intended, but were oblivious to the fact that a Python script was being executed in the background.

    This script stole sensitive data from the victim endpoint and sent them to a command & control (C2) server used by the attackers.

    Its possible that this malware is a successor to the ZuRu malware given its targeted applications, modified load commands and attacker infrastructure, Jamfs researchers said.

    Pirated software is a great place to hide malware, the researchers also
    added, as users understand theyre engaged in illegal activity and expect
    their antivirus programs to raise a flag. This leaves them willing to skip past any security warning prompts built into the operating system such as Gatekeeper, which informs the user that these applications are not safe to open, they concluded.

    Thus, the best way to protect against such threats is not to steal and download pirated software in the first place. More from TechRadar Pro A key part of Foxconn has been hit by the Lockbit ransomware Here's a list of the best firewalls today These are the best endpoint protection services right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/macos-devices-are-being-targeted-by-pir ated-apps-that-want-to-hijack-your-machine


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)