Unix and macOS malware – WindowsTechs.com

XZ backdoor story – Initial analysis

Posted on April 12, 2024 by GReAT

Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process. Continue reading XZ backdoor story – Initial analysis→

DinodasRAT Linux implant targeting entities worldwide

Posted on March 28, 2024 by Anderson Leite, Lisandro Ubiedo

In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since 2022. Continue reading DinodasRAT Linux implant targeting entities worldwide→

What’s in your notepad? Infected text editors target Chinese users

Posted on March 13, 2024 by Sergey Puzan

Infected versions of the text editors VNote and Notepad‐‐ for Linux and macOS, apparently loading a backdoor, are being distributed through a Chinese search engine. Continue reading What’s in your notepad? Infected text editors target Chinese users→

Cracked software beats gold: new macOS backdoor stealing cryptowallets

Posted on January 22, 2024 by Sergey Puzan

We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware. Continue reading Cracked software beats gold: new macOS backdoor stealing cryptowallets→

Cracked software beats gold: new macOS backdoor stealing cryptowallets

Posted on January 22, 2024 by Sergey Puzan

We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware. Continue reading Cracked software beats gold: new macOS backdoor stealing cryptowallets→

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

Posted on December 14, 2023 by Kaspersky GERT, GReAT

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol→

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Posted on December 13, 2023 by GReAT

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer→

New macOS Trojan-Proxy piggybacking on cracked software

Posted on December 6, 2023 by Sergey Puzan

A new macOS Trojan-Proxy is riding on cracked versions of legitimate software; it relies on DNS-over-HTTPS to obtain a C&C (command and control) address. Continue reading New macOS Trojan-Proxy piggybacking on cracked software→

BlueNoroff: new Trojan attacking macOS users

Posted on December 5, 2023 by Sergey Puzan

BlueNoroff has been attacking macOS users with a new loader that delivers unknown malware to the system. Continue reading BlueNoroff: new Trojan attacking macOS users→

Kaspersky Security Bulletin 2023. Statistics

Posted on December 4, 2023 by AMR

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. Continue reading Kaspersky Security Bulletin 2023. Statistics→