Mac, Linux Malware Selling Like Hotcakes | Cyware Alerts


Threat actors continuously updating their code with new threat vectors and obfuscation techniques is nothing new. However, a surge in malware targeting particular device groups reveals much about the shifting paradigm.

TeamTNT reinforces Black-T

TeamTNT is known to exfiltrate AWS credential files on compromised cloud systems and mine for Monero (XMR). 

  • Unit 42 researchers found a new variant of cryptojacking malware named Black-T, the brainchild of the TeamTNT cybercrime group, boosting its capabilities against Linux systems.
  • The added capabilities include in-memory password scraping via mimipy (works on Windows/Linux/OSX) and mimipenguin (Linux desktop), two open-source Mimikatz equivalents targeting *NIX desktops.

IPStorm prepares for thunders

First uncovered in May 2019, the IPStorm botnet had been targeting Windows systems until now. Its size has quadrupled from around 3,000 systems in May 2019 to more than 13,500 devices by the end of September.

  • In a recent development, experts at Intezer revealed that IPStorm now boasts newer versions targeting Android, Linux, and Mac devices.
  • Linux and Mac devices are infected after the gang brute-forces the credentials of exposed SSH services.
  • Android systems, however, are infected when the malware scans the internet for devices that have left their ADB (Android Debug Bridge) port exposed online.
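The SSH brute-force vector described above leaves a clear trail in sshd's authentication log. The following is an added example, not code from Intezer or from the original alert, that parses constructed OpenSSH log lines and flags a source address once it crosses a failed-login threshold, and raises a higher-priority alert when a password login is accepted from an address that had already accumulated that many failures (the pattern a successful brute-force leaves behind). The sample log lines, the hostname and the documentation-range IPs are all constructed.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines in syslog format; not taken from any real host.
SAMPLE_AUTH_LOG = """\
Oct  5 10:01:02 web1 sshd[2311]: Failed password for invalid user admin from 198.51.100.7 port 51234 ssh2
Oct  5 10:01:04 web1 sshd[2311]: Failed password for invalid user admin from 198.51.100.7 port 51236 ssh2
Oct  5 10:01:06 web1 sshd[2313]: Failed password for root from 198.51.100.7 port 51240 ssh2
Oct  5 10:01:08 web1 sshd[2315]: Failed password for root from 198.51.100.7 port 51242 ssh2
Oct  5 10:01:10 web1 sshd[2317]: Failed password for root from 198.51.100.7 port 51244 ssh2
Oct  5 10:01:12 web1 sshd[2319]: Accepted password for root from 198.51.100.7 port 51246 ssh2
Oct  5 10:02:00 web1 sshd[2320]: Failed password for alice from 203.0.113.9 port 40010 ssh2
Oct  5 10:02:05 web1 sshd[2322]: Accepted publickey for alice from 203.0.113.9 port 40012 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and "Accepted publickey for X from IP".
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\w+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_sshd_lines(text):
    """Extract (result, method, user, ip) dicts from sshd auth log text, in order."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            events.append(m.groupdict())
    return events


def detect_ssh_bruteforce(text, threshold=5):
    """Return (failures_by_ip, alerts).

    An IP is flagged 'bruteforce' the moment its failed logins reach `threshold`.
    A 'bruteforce_success' alert is raised when a *password* login is accepted
    from an IP that already had >= threshold failures; key-based logins are not
    counted as brute-force successes.
    """
    failures = defaultdict(int)
    alerts = []
    for ev in parse_sshd_lines(text):
        ip = ev["ip"]
        if ev["result"] == "Failed":
            failures[ip] += 1
            if failures[ip] == threshold:
                alerts.append(("bruteforce", ip))
        elif ev["method"] == "password" and failures[ip] >= threshold:
            alerts.append(("bruteforce_success", ip, ev["user"]))
    return dict(failures), alerts


if __name__ == "__main__":
    counts, found = detect_ssh_bruteforce(SAMPLE_AUTH_LOG)
    for alert in found:
        print(alert)
```

In production the same logic would read `/var/log/auth.log` (or `journalctl -u ssh`) in a sliding time window rather than a whole file, and the threshold would be tuned per environment; the point of the example is that a single source generating many failures followed by an accepted password login is the event worth paging on.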

FinSpy’s malware spin

As exposed by Amnesty International, a new surveillance campaign was reported targeting Egyptian civil society organizations.

  • FinSpy, also known as FinFisher, used new variants that target macOS and Linux users. The spyware already had tools for Windows, iOS, and Android users.
  • Besides keylogging, call interception, and screen recording, the malware’s additional capabilities included stealing emails by installing a malicious add-on to Apple Mail and Thunderbird, and collecting Wi-Fi network information.

Closing thoughts

Cybercriminals rolling out tools that target Linux and Mac devices put a dent in the widely held opinion that those operating systems are more secure and not susceptible to malicious code. Experts recommend reviewing network settings and avoiding unnecessary online applications. Other useful tips include configuring the firewall, filtering traffic, and protecting locally stored SSH keys used for network services.
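The last tip, protecting locally stored SSH keys, also covers the AWS credential files that Black-T is described above as exfiltrating: both are only as safe as their file permissions. The following is an added example, not code from the original alert or from any of the vendors it cites, that walks a home directory, finds SSH private keys and AWS credential files, and reports any that are readable by group or other. The `demo()` function builds a constructed temporary home directory with one correctly protected key, one exposed key and one exposed credentials file so the audit can be run offline; the file names and contents are placeholders.

```python
import stat
import tempfile
from pathlib import Path

# Patterns for the secret files the advice is about, relative to a home directory.
# ".ssh/id_*" also matches public keys, which are skipped below.
SENSITIVE_GLOBS = [".ssh/id_*", ".aws/credentials", ".aws/config"]


def audit_secret_files(home):
    """Return sorted (relative_path, problem) tuples for secret files whose mode
    grants any permission to group or other (anything beyond 0600/0700)."""
    findings = []
    home = Path(home)
    for pattern in SENSITIVE_GLOBS:
        for path in home.glob(pattern):
            if path.suffix == ".pub":  # public halves of key pairs may be world-readable
                continue
            mode = stat.S_IMODE(path.stat().st_mode)
            if mode & 0o077:
                findings.append(
                    (str(path.relative_to(home)), f"mode {mode:04o} is readable by group/other")
                )
    return sorted(findings)


def demo():
    """Constructed home directory: one good key, one exposed key, one exposed AWS file."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        (home / ".ssh").mkdir()
        (home / ".aws").mkdir()

        good_key = home / ".ssh" / "id_ed25519"
        good_key.write_text("-----BEGIN OPENSSH PRIVATE KEY-----\nplaceholder\n")
        good_key.chmod(0o600)  # owner-only: correct

        bad_key = home / ".ssh" / "id_rsa"
        bad_key.write_text("-----BEGIN OPENSSH PRIVATE KEY-----\nplaceholder\n")
        bad_key.chmod(0o644)  # world-readable private key: finding

        pub_key = home / ".ssh" / "id_rsa.pub"
        pub_key.write_text("ssh-rsa placeholder\n")
        pub_key.chmod(0o644)  # public key, deliberately ignored

        creds = home / ".aws" / "credentials"
        creds.write_text("[default]\naws_access_key_id = PLACEHOLDER\n")
        creds.chmod(0o640)  # group-readable credentials: finding

        return audit_secret_files(home)


if __name__ == "__main__":
    for rel_path, problem in demo():
        print(f"{rel_path}: {problem}")
```

Run against a real account with `audit_secret_files(Path.home())`; the remediation for each finding is `chmod 600` on the file (and `chmod 700` on the containing `.ssh` directory), which is what OpenSSH itself insists on before it will use a private key.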
