Starbuck (ExTS Admin)
Posted July 7, 2018

OSX.Dummy depends on substantial help from an unwary victim.

A new strain of macOS malware is targeting those who like to discuss their cryptocurrency investing in Slack or Discord groups. It depends on a certain level of naiveté on the part of the victim - a level that resulted in the strain being labeled OSX.Dummy.

The social engineering attack presents a request from a user identifying themselves as an administrator of the group. They ask the victim to run a lengthy command in a terminal window, then ignore the 34 Mbyte file that is downloaded. The file is a large Mach-O 64-bit binary (34M), rating a perfect score of 0 / 60 on VirusTotal.

If the victim does both of these things, they find that their Macintosh has been hijacked by a hacker using a C&C server in the Netherlands.

In a comment supplied to Dark Reading, Ryan Benson, senior threat researcher at Exabeam, said, "A lot of otherwise non-technical people have jumped on the cryptocurrency bandwagon and want to get involved. Cryptocurrencies are inherently technical, so these less-technical users may be used to following technical how-tos without really understanding what the commands they run are doing. This puts them in dangerous territory and ripe for an attack like this, even if it is 'dumb.'"

Source: New Malware Strain Targets Cryptocurrency Fans Who Use Macs