![]() ![]() ![]() An anti-analysis AppleScript to perform evasion tasks from certain consumer-level monitoring and cleanup tools Mac malware uses 'run-only' AppleScripts to evade analysis By Ionut Ilascu Janu12:33 PM 2 A cryptocurrency mining campaign targeting macOS is using malware that has evolved into a. ![]() A script that downloads and sets up XMR-STAK-RX, a free, open-source monero RandomX miner software package.#MALWARE USED RUNONLY APPLESCRIPTS TO AVOID SOFTWARE# The researchers say that once the malware has compromised a macOS device, it will seek to kill several processes, including Activity Monitor, which prevents the user from inspecting resource usage. Other security researchers have reported attacks targeting macOS devices to plant cryptominers or other types of malware.Įarlier this month, researchers at Intezer Labs uncovered a campaign using a remote access Trojan dubbed ElectroRAT that had been stealing cryptocurrency from digital wallets on Windows, Linux and macOS platforms (see: ElectroRAT Malware Targets Cryptocurrency Wallets). In December, researchers at Trend Micro uncovered a macOS backdoor variant linked to an advanced persistent threat group operating from Vietnam. The malware used an updated backdoor and multistage payloads as well as anti-detection techniques to help bypass security tools (see: Fresh MacOS Backdoor Variant Linked to Vietnamese Hackers). In July 2020, the security firm ESET reported a group of spoofed cryptocurrency trading apps was targeting devices running macOS to install malware called Gmera (see: Malicious Cryptocurrency Trading Apps Target MacOS Users). #MALWARE USED RUNONLY APPLESCRIPTS TO AVOID INSTALL# #MALWARE USED RUNONLY APPLESCRIPTS TO AVOID CODE#.#MALWARE USED RUNONLY APPLESCRIPTS TO AVOID SOFTWARE#.#MALWARE USED RUNONLY APPLESCRIPTS TO AVOID FULL#.#MALWARE USED RUNONLY APPLESCRIPTS TO AVOID INSTALL#.#MALWARE USED RUNONLY APPLESCRIPTS TO AVOID SERIAL NUMBER#. ![]()
0 Comments
Leave a Reply. |