June 20, 2024 at 12:01PM A widespread campaign is targeting cryptocurrency users through fake virtual meeting software, Vortax, delivering infostealing malware such as Rhadamanthys, Stealc, and Atomic. The threat actor “Markopolo” is linked to this campaign, posing as a legitimate software company but actually engaging in credential harvesting. This campaign highlights an increased focus on … Read more
March 30, 2024 at 03:45AM Malicious ads and bogus websites are enabling the delivery of two different stealer malware targeting Apple macOS users. These attacks aim to steal sensitive data, with one attack leveraging counterfeit websites and the other exploiting a phony software offer. The development indicates an increasing threat to macOS environments from stealer … Read more
February 16, 2024 at 09:45AM Cryptocurrency companies are targeted by a new Apple macOS backdoor called RustDoor, distributed as a Visual Studio update and used in targeted attacks. Its components include first-stage downloaders masquerading as job offering PDFs, Golang-based binaries, and leaky endpoint revealing infected victims’ details. Meanwhile, a South Korean IT organization affiliated with … Read more
February 10, 2024 at 02:21AM A new Rust-based macOS backdoor, codenamed RustDoor, has been targeting users since November 2023. It masquerades as an update for Microsoft Visual Studio, affecting both Intel and Arm architectures. The malware is capable of gathering and exfiltrating information to a command-and-control server, with links to prominent ransomware families. The U.S. … Read more
February 9, 2024 at 04:55PM Researchers at Bitdefender have uncovered a new macOS backdoor, Trojan.MAC.RustDoor, linked to the BlackCat/ALPHV ransomware family known for targeting Windows. Written in Rust coding language, the malware masquerades as a Visual Studio code editor update. It has been active for at least three months, gathering and sending data to a … Read more
February 9, 2024 at 11:00AM A new Rust-based macOS malware, known as RustDoor, has been spreading as a Visual Studio update, providing backdoor access to compromised systems. Linked to the ALPHV/BlackCat ransomware gang’s infrastructure, it communicates with command and control servers potentially associated with ransomware operations. The malware has advanced capabilities and is distributed under … Read more
January 23, 2024 at 04:11PM Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications through pirated software. Kaspersky researchers state that the malware can replace these applications with infected versions to steal recovery phrases and passwords, allowing attackers to control victims’ digital wallets. They advise against downloading … Read more
January 16, 2024 at 04:34PM The macOS platform faces persistent challenges with information stealers evading detection, as highlighted in a report by SentinelOne that presents three malware examples circumventing XProtect. KeySteal, Atomic Stealer, and CherryPie showcase the ability of malware to evolve and avoid detection, emphasizing the need for advanced security measures beyond static detection. … Read more
January 3, 2024 at 07:42AM In 2023, 21 new malware families targeting macOS systems were discovered by security researcher Patrick Wardle, representing a 50% increase from 2022. Wardle’s blog post provides detailed analysis of each family’s characteristics and their potential impact on Apple devices. Notable threats include ransomware, infostealers, APT-developed malware, and variations of existing … Read more
December 20, 2023 at 04:03AM A new Go-based information stealer malware called JaskaGO poses a cross-platform threat to Windows and Apple macOS systems, equipped with extensive commands from its C&C server. Capable of establishing persistence within the system, it employs multiple tactics for information theft and cryptocurrency theft. Its distribution method and campaign scale remain … Read more