macOS Archives - Cyber Security Minute

Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft

Issued by: Dark Reading

A dangerous vulnerability in Apple Shortcuts has surfaced, which could give attackers access to sensitive data across the device without the user being asked to grant permissions. Apple’s Shortcuts application, designed for macOS and iOS, is aimed at automating tasks. For businesses, it allows users to create macros for executing specific tasks on their devices,…

Malware & Threats

MacOS Targeted by New Backdoor Linked to ALPHV Ransomware

Issued by: Dark Reading

Researchers have discovered a new backdoor targeting macOS that appears to have ties to an infamous ransomware family that historically targets Windows systems. Researchers at Bitdefender say the so-called Trojan.MAC.RustDoor is likely linked to BlackCat/ALPHV. The newly discovered backdoor is written in Rust coding language and impersonates an update for Visual Studio code editor. Bitdefender…

Malware & Threats

MacOS Malware Targets Bitcoin, Exodus Cryptowallets

Issued by: Dark Reading

Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications with a Trojan distributed through pirated software, according to Kaspersky researchers. The malware is delivered via cracked applications and can replace Exodus and Bitcoin cryptowallet applications installed on the user’s machine with infected versions that steal secret recovery…

Malware & Threats

North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught

Issued by: Dark Reading

The prolific North Korean state-backed threat actor known as TA444 is back with shiny new malware for targeting macOS users, dubbed “SpectralBlur.” The custom tool is the latest in a string of proprietary malware that the advanced persistent threat (APT) group has been consistently generating — a trait that sets it apart from other DPRK-sponsored…

Malware & Threats

Expert warns of Turtle macOS ransomware

Issued by: Security Affairs

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

Malware & Threats

North Korea’s BlueNoroff APT Debuts ‘Dumbed Down’ macOS Malware

Issued by: Dark Reading

North Korean state hackers have debuted a fresh Mac malware targeting users in the US and Japan, which researchers characterize as “dumbed down” but effective. An arm of the DPRK’s notorious Lazarus Group, BlueNoroff has been known to raise money for the Kim regime by targeting financial institutions — banks, venture capital firms, cryptocurrency exchanges…

Software Security

‘KandyKorn’ macOS Malware Lures Crypto Engineers

Issued by: Dark Reading

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…

Malware & Threats

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Issued by: SecurityWeek

To date, AT&T Alien Labs researchers have identified over 400,000 systems that act as proxy exit nodes in this network. However, it is unclear how many of these were infected, and the company that offers the proxy service claims that all devices pertain to users who are aware of the proxy application’s functionality. Last week,…

Malware & Threats

Experts found components of a complex toolkit employed in macOS attacks

Issued by: Security Affairs

Bitdefender researchers discovered a set of malicious files with backdoor capabilities that are suspected to be part of a sophisticated toolkit designed to target Apple macOS systems. The investigation is still ongoing, the experts pointed out that the samples are still largely undetected. The researchers analyzed a total of four samples that were uploaded to…

Malware & Threats

Supply chain blunder puts 3CX telephone app users at risk

Issued by: Naked Security

Internet telephony company 3CX is warning its customers of malware that was apparently weaseled into the company’s own 3CX Desktop App by cybercriminals who seem to have acquired access to one or more of 3CX’s source code repositories. As you can imagine, given that the company is scrambling not only to figure out what happened,…