Along with those are the fake “Adobe Zii” called “Sample” and the Xmrig cryptominer, shown in DetectX Swift’s search results: Nothing if not versatile, the naughty authors behind this bad boy have mashed up a malware cocktail that comprises Automator, AppleScript, shell script, Python and Cocoa.įor persistence, two launch agents are dropped.
The fake “cracker” is a trojan that leverages an Automator workflow to install a cryptominer via an Empyre backend. Way to go with the targeting, malware authors! We’re hoping this name doesn’t stick, but for now at least it refers to a fake version of an “illegal” app for cracking Adobe products called Adobe Zii. On top of that, the fading (but never dull!) Adobe Flash was patched to plug yet another 0day and BitComet “officially” joins the wonderful world of InstallCore. MalwareBytes’ Thomas Reed dubbed a new macOS malware variant OSX.DarthMiner, while Digita Security’s Patrick Wardle (aka Objective-See) reversed a weaponized version of an Office for Mac exploit first revealed back in August. The fun always seems to happen on Fridays, and last Friday certainly bore that out with publication of two different issues targeting macOS users.
0 kommentar(er)
