Windows 10 News and info | Forum
Topic: Mac Malware Makers Now Using Classic Windows Techniques
« on: February 10, 2017, 05:53:10 PM »

Cybercriminals sure are learning! Mac users are not victims of malware that often, though threats continue to rise for the Apple platform on a steady basis these days.

And as this new Mac malware that was detected earlier this week proves, the threat levels are high.

Security researchers have detected two separate instances of macOS malware this week, one of which relies on an old, tried and tested Windows technique. A malicious Microsoft Word document that abused macros was sent, which immediately started doing some shady tricks.

The title of the document, as noted, is ‘U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace’.

If the Word application was configured to allow macros and ignore warnings, the embedded macro automatically checked whether a security firewall was running. If it was not, it downloaded an encrypted payload, decrypted it using a hardcoded key, and executed the payload to infect the machine.

It is believed that this malware has the ability to monitor webcams, steal passwords and encryption keys, as well as access browser history logs.

What’s interesting is that these types of attacks are considered primitive these days, but it goes to show that cybercriminals do try every avenue they can find time for.

The other malware instance discovered, by the way, is a fake Flash Player update, and this, too, made use of a classic Windows technique of faking a regular software update dialog.
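The macro chain described in the post (Word runs a macro, which downloads and executes a payload) shows up on an endpoint as Word becoming the ancestor of a shell, interpreter or download tool. The following is an added detection example, not part of the original post; the event format, the sample events and the watchlist of child binaries are assumptions made for illustration.

```python
import os

# Assumption: process-start telemetry is available as dicts with pid, ppid and path.
# Constructed sample events, not taken from a real host.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "path": "/Applications/Microsoft Word.app/Contents/MacOS/Microsoft Word"},
    {"pid": 101, "ppid": 100, "path": "/bin/sh"},
    {"pid": 102, "ppid": 101, "path": "/usr/bin/curl"},
    {"pid": 200, "ppid": 1, "path": "/Applications/Safari.app/Contents/MacOS/Safari"},
    {"pid": 201, "ppid": 1, "path": "/usr/bin/python"},
    {"pid": 300, "ppid": 100, "path": "/constructed/example/word-helper"},
]

OFFICE_APPS = {"Microsoft Word"}  # the application named in the post
# Assumed watchlist: shells, script interpreters and a download tool.
SUSPICIOUS = {"sh", "bash", "zsh", "python", "perl", "ruby", "osascript", "curl"}


def office_ancestor(pid, by_pid):
    """Walk the parent chain of pid; return the pid of a Word ancestor, or None."""
    seen = set()
    cur = by_pid.get(pid)
    while cur and cur["pid"] not in seen:  # 'seen' guards against ppid loops
        seen.add(cur["pid"])
        parent = by_pid.get(cur["ppid"])
        if parent and os.path.basename(parent["path"]) in OFFICE_APPS:
            return parent["pid"]
        cur = parent
    return None


def find_office_spawns(events):
    """Return (word_pid, child_pid, child_name) for watchlisted descendants of Word."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        name = os.path.basename(e["path"])
        if name in SUSPICIOUS:
            ancestor = office_ancestor(e["pid"], by_pid)
            if ancestor is not None:
                alerts.append((ancestor, e["pid"], name))
    return alerts


if __name__ == "__main__":
    for word_pid, child_pid, name in find_office_spawns(SAMPLE_EVENTS):
        print(f"ALERT: Word (pid {word_pid}) is an ancestor of {name} (pid {child_pid})")
```

Walking the whole parent chain rather than only the direct parent catches the case where the download tool is started through an intermediate shell.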

