Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges

Malware is being targeted at Mac users who receive pirated versions of popular apps from warez websites after they choose to download them from those websites.
Various reports state that cybercriminals are infecting macOS devices with proxy trojans and turning them into terminals to spread the malware and run phishing and hacking campaigns on them.
It has been reported recently that an ongoing campaign called the Kaspersky Campaign was discovered earlier in the year in April.
According to the report, the campaign sells proxy access that turns into botnets such as Qakbot, which was recently dismantled by the Federal Bureau of Investigation and removed from around 7,00,000 machines.
According to Kaspersky's report, this campaign is targeting users who are not willing to pay for premium versions of apps or who are unwilling to upgrade their current apps.
The cybersecurity firm's research found that the virus was injected into pirated versions of 35 popular apps that edit images, compress videos, edit videos, recover lost data, scan networks, and recover passwords.
The latest attack is targeting Mac users by spreading a new proxy trojan malware through the distribution of popular copyrighted macOS software that can be found on warez websites, enabling them to exploit Mac users.
Cybercriminals exploit the allure of being able to get premium applications without paying by exploiting the allure of obtaining premium applications.
In the recent campaign, which was uncovered by Kaspersky, 35 popular software applications include image editors, video compressors and editors, data recovery programs, and network scanning tools that are known to contain the proxy trojan, which is a type of malware.
This trojanized version of the software is downloaded as a PKG file, which poses an even higher risk than the normal disk image file, which can be used to install the software on your computer.
As part of the installation process, PKG files can run scripts, giving them the same rights as administrators.
It opens up a whole new level of risk by granting them permission to perform dangerous actions like the modification of files, the execution of commands, and more.
Plist file used by the trojan can be found in the virus.
There is no confirmation of a specific command or command sequence that the trojan can execute.
Still, analysis indicates that it is capable of creating TCP or UDP connections on its own to facilitate proxying, to communicate with a command and control server using DNS-over-HTTPS. The same C2 hardware that hosts the macOS proxy trojan payloads, as well as similar payloads for Android and Windows systems, also indicates that these cybercriminals are targeting a wide range of devices with their payloads, indicating that they are targeting a variety of devices.
This trojan is triggered by a file called GoogleHelperUpdater.
Plist, another legitimate-sounding Chrome file that makes it harder for the trojan to be detected.
Kaspersky's study suggests that the trojan is affecting both macOS and Android devices.
The study suggests that although Kaspersky's researchers could not see what commands the malware is executing, the malware appears to be using TCP and UDP networking protocols to act as a proxy for other applications.
Kaspersky researchers believe that the threat actor behind this particular campaign has specific reasons to believe that it is targeting other operating systems, just with a different installer, in addition to macOS users.


This Cyber News was published on www.cysecurity.news. Publication date: Tue, 05 Dec 2023 16:13:14 +0000


Cyber News related to Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges

Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges - Malware is being targeted at Mac users who receive pirated versions of popular apps from warez websites after they choose to download them from those websites. Various reports state that cybercriminals are infecting macOS devices with proxy trojans ...
11 months ago Cysecurity.news
16 top ERM software vendors to consider in 2024 - Enterprise risk management software helps organizations identify, mitigate and remediate business risks, which can lead to improved business performance. The risk management market is rapidly evolving from separate tools across different risk domains ...
10 months ago Techtarget.com
Stealthy New macOS Backdoor Hides on Chinese Websites - A sneaky macOS backdoor that allows attackers to remotely control infected machines has been hiding in trojanized applications for the platform that are hosted on Chinese websites. Researchers from Jamf Threat Labs discovered the series of poisoned ...
10 months ago Darkreading.com
Master Security by Building on Compliance with A Risk-Centric Approach - In recent years, a confluence of circumstances has led to a sharp rise in IT risk for many organizations. That's why a proactive approach to seeing, understanding, and acting on risk is key to improving the effectiveness of defenses in place to meet ...
10 months ago Cyberdefensemagazine.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
7 months ago Pandasecurity.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
4 months ago Pandasecurity.com
Pirated Microsoft Office delivers malware cocktail on systems - Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and ...
5 months ago Bleepingcomputer.com
ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform - PRESS RELEASE. BOSTON-(BUSINESS WIRE)- ProcessUnity, provider of comprehensive end-to-end third-party risk management and cybersecurity solutions to leading enterprises, today announced the completed integration of the Global Risk Exchange. The newly ...
9 months ago Darkreading.com
12 Essential Steps Mac Users Need To Take At Year End - As the year comes to a close, Mac users should take these steps to ensure their device's security, performance and organization. Here are the year-end steps you should take to ensure your Mac is ready for 2024. After ensuring your Mac's files are ...
11 months ago Techrepublic.com
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
9 months ago Securityintelligence.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
11 months ago Pandasecurity.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)