The fake app wasn't "notarized" with an extra security badge that Apple grants apps it has verified to be trustworthy. (The real iTerm2 app is notarized.) But even though a Mac will notify a user that an app hasn't been notarized, the user can still choose to install it.

There's a little something extra in the fake iTerm2 app - a "downloader" that itself reaches out to an online server and installs at least two more strains of malware. One of the two new pieces of malware is an information-stealer that profiles the Mac it's running on, steals the user's Keychain database (containing passwords and other sensitive data), and packages all the data in a Zip file before sending it back to the same server from which the information-stealer is downloaded. The other piece of malware masquerades as a Google Update application and is downloaded from a different server.