Skip to main content

Really dumb malware targets cryptocurrency fans using Macs

posted onJuly 4, 2018
by l33tdawg

Someone impersonating administrators of cryptocurrency-related discussion channels on Slack, Discord, and other social messaging platforms has been attempting to lure others into installing macOS malware. The social-engineering campaign consists of posting a script in discussions and encouraging people to copy and paste that script into a Terminal window on their Macs. The command downloads a huge (34 megabyte) file and executes it, establishing a remote connection that acts as a backdoor for the attacker.

Patrick Wardle, a Mac malware expert, also examined the malware and dubbed it "OSX.Dummy" because, as he wrote:

        the infection method is dumb
        the massive size of the binary is dumb
        the persistence mechanism is lame (and thus also dumb)
        the capabilities are rather limited (and thus rather dumb)
        it's trivial to detect at every step (that dumb)
        ... and finally, the malware saves the user's password to dumpdummy

 

Source

Tags

Apple Viruses & Malware

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th