Page 11 - AeM_September_2020
RESEARCH
ANALYSIS
TRENDS
Apple operating system increasingly the target of malware
MacOS has the reputation of being a relatively attack-proof operating system, and not only among Apple users: MacOS has always been far less susceptible to malware and cyberattacks than the market leader Windows. The fact is, however, that even Mac users are not immune to compromises or dangerous infections, as there is more and more malware that specifically targets MacOS.

According to the expert team of SentinelOne, cyber criminals have now started to focus more on Apple's Mac platform, as the following ten malware attacks on MacOS demonstrate:

1. OSX.DOK is malware that installs a hidden version of the Tor browser and other hacking tools which are designed to steal user data and track traffic while doing the best it can to go undetected. It is usually spread via a phishing campaign and can read all Internet traffic, including encrypted traffic. The malware writes several Apple domain names to the local hosts file so that connections to them are automatically redirected to 127.0.0.1. Once the malware begins to capture the user's traffic, it connects to a server on the dark net and begins exfiltration.

2. CookieMiner is a fatal malware as it can be used as a cryptominer and backdoor at the same time. When the device is infected, CookieMiner installs its own Monero crypto miner and an Empyre backdoor. Security researchers warn that the malware can steal sufficient credentials to bypass multifactor authentication and give hackers access to users' crypto wallets.

3. Lazarus is by no means new malware but a persistent threat that allows attackers to gain full control over a device, using a backdoor connected to a command and control server to take over the device.

4. OSX.Pirrit is an adware and browser hijacker that redirects users to risky websites and is also likely to be able to spy on users.

5. OSX.Siggen is malware delivered through a fake WhatsApp message pretending to offer WhatsApp for phones and computers. On a Mac, this then leads to an unwanted download of the malware that allows the hackers to take control of the device via a hidden backdoor.
11 September 2020: Cybersecurity & Data Safety: perpetual awareness and innovation