Page 11 - AeM_September_2020

RESEARCH / ANALYSIS / TRENDS

Apple operating system increasingly the target of malware



macOS has the reputation of being a relatively attack-proof operating system, and not only among Apple users: it has always been far less susceptible to malware and cyberattacks than the market leader Windows. The fact is, however, that even Mac users are not immune to compromises or dangerous infections, as there is more and more malware that specifically targets macOS.

According to the expert team of SentinelOne, cybercriminals are now focusing more on Apple's Mac platform, as the following ten malware attacks on macOS demonstrate:

 1. OSX.DOK is malware that installs a hidden version of the Tor browser and other hacking tools, which are designed to steal user data and track traffic while doing the best they can to go undetected. It is usually spread via a phishing campaign and can read all Internet traffic, including encrypted traffic. The malware writes several Apple domain names to the local hosts file so that connections to them are automatically redirected to 127.0.0.1. Once the malware begins to capture the user's traffic, it connects to a server on the dark net and begins exfiltration.

 2. CookieMiner is especially dangerous malware because it can be used as a cryptominer and a backdoor at the same time. When the device is infected, CookieMiner installs its own Monero cryptominer and an EmPyre backdoor. Security researchers warn that the malware can steal sufficient credentials to bypass multifactor authentication and give hackers access to users' crypto wallets.

 3. Lazarus is by no means new malware but a persistent threat that allows attackers to gain full control over a device, using a backdoor connected to a command and control server to take over the device.

 4. OSX.Pirrit is an adware and browser hijacker that redirects users to risky websites and is also likely to be able to spy on users.

 5. OSX.Siggen is malware delivered through a fake WhatsApp message pretending to offer WhatsApp for phones and computers. On a Mac, this then leads to an unwanted download of the malware, which allows the hackers to take control of the device via a hidden backdoor.
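
The hosts-file redirection described for OSX.DOK in item 1 leaves a trace that can be checked directly. The following Python check is an added example, not part of the original article: it flags hosts-file entries that point Apple names at a loopback or unspecified address. The `apple.com` suffix and the sample entries are assumptions constructed for illustration, since the article does not name the affected domains.

```python
import ipaddress

# Assumption: the article does not list the domains OSX.DOK rewrites, so any
# name under apple.com is treated as an "Apple domain" here.
WATCHED_SUFFIXES = ("apple.com",)


def is_local_sink(addr: str) -> bool:
    """True for loopback or unspecified addresses (127.0.0.1, ::1, 0.0.0.0)."""
    try:
        ip = ipaddress.ip_address(addr.split("%", 1)[0])  # drop IPv6 zone id
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified


def is_watched(name: str) -> bool:
    name = name.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)


def find_redirects(hosts_text: str):
    """Return (line_no, address, hostname) for each watched name sent to a local sink."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # strip comments, then tokenize
        if len(fields) < 2 or not is_local_sink(fields[0]):
            continue
        for name in fields[1:]:
            if is_watched(name):
                findings.append((line_no, fields[0], name))
    return findings


# Constructed sample hosts file, not taken from a real infection.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
127.0.0.1       a.example.apple.com b.example.apple.com   # constructed entry
0.0.0.0         c.example.apple.com.
# 127.0.0.1     commented-out.apple.com
192.0.2.10      www.apple.com
127.0.0.1       notapple.com apple.com.example
"""

if __name__ == "__main__":
    for line_no, addr, name in find_redirects(SAMPLE_HOSTS):
        print(f"hosts line {line_no}: {name} -> {addr}")
```

On a Mac the same function can be run over the contents of `/etc/hosts`; a clean system returns an empty list.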


September 2020: Cybersecurity & Data Safety: perpetual awareness and innovation