MacOS Users Targeted With Updated Malware


New malware attacks are designed to install a backdoor on compromised macOS systems.

Updated Malware – APT32:

In a recent campaign, researchers discovered new malware, designed to install a backdoor onto compromised systems, and linked it to OceanLotus (also known as APT32), a Vietnamese-backed hacking operation.

OceanLotus begins its infection chain with fraudulent documents and phishing messages made to look legitimate.

Although the motivation isn't fully understood, the aim is thought to be espionage to aid Vietnamese-owned companies.

The backdoor enables the hackers to snoop on and steal confidential information and sensitive business documents.

Trend Micro analysts linked the campaign to OceanLotus by comparing the code and behaviour of the malware with samples used in previous campaigns.


Malware Workflow:

The attack begins with phishing emails that attempt to encourage victims to run a Zip file disguised as a Word document.

It evades antivirus detection using special characteristics deep inside a series of Zip folders.

At this stage an initial payload is already running on the machine, and it changes access permissions in order to load a second-stage payload.

This in turn prompts the installation of a third-stage payload, which downloads the backdoor onto the system.

By installing the malware in separate stages like this, OceanLotus aims to evade detection.
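For mail-gateway or triage tooling, the delivery stage described above can be screened before a user opens the attachment. The following is an added example, not code from this article or from the researchers. It assumes the lure appears inside the archive as a macOS app bundle whose folder name looks like a document, possibly with invisible characters in the name, and the extension list, finding labels and sample names are all hypothetical.

```python
import io
import stat
import unicodedata
import zipfile

DOC_EXTS = (".doc", ".docx", ".rtf", ".pdf")  # assumed lure extensions
MAX_DEPTH = 5  # do not follow nested archives deeper than this


def is_odd(ch):  # control, format, private-use or unassigned (assumed heuristic)
    return unicodedata.category(ch) in ("Cc", "Cf", "Co", "Cn")


def triage_zip(data, depth=0, prefix=""):
    """Return sorted (path, finding) tuples for a Zip attachment given as bytes."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return [(prefix.rstrip("!") or "<attachment>", "not-a-readable-zip")]
    findings = set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            path, parts = prefix + info.filename, info.filename.split("/")
            # A folder named like a document that holds Contents/MacOS is an app bundle.
            for i, part in enumerate(parts[:-2]):
                clean = "".join(c for c in part if not is_odd(c)).lower().rstrip(". ")
                if parts[i + 1:i + 3] == ["Contents", "MacOS"] and clean.endswith(DOC_EXTS):
                    findings.add((prefix + "/".join(parts[:i + 1]), "bundle-named-as-document"))
            if any(is_odd(c) for c in info.filename):
                findings.add((path, "unusual-characters-in-name"))
            if not info.is_dir() and (info.external_attr >> 16) & stat.S_IXUSR:
                findings.add((path, "executable-bit-set"))
            if info.filename.lower().endswith(".zip") and depth < MAX_DEPTH:
                findings.update(triage_zip(zf.read(info), depth + 1, path + "!"))
    return sorted(findings)


def constructed_sample():
    """Build a harmless, constructed archive that mimics the layout (no payload)."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        exe = zipfile.ZipInfo("Report.d\u200boc/Contents/MacOS/launcher")
        exe.external_attr = 0o100755 << 16
        z.writestr(exe, "placeholder")
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("docs/archive.zip", inner.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    print(triage_zip(constructed_sample()))
```

Paths inside nested archives are reported with `!` separating the outer and inner names. Findings are triage hints for an analyst, not verdicts.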

Like older versions, the malware aims to:

  • collect system information
  • create a backdoor allowing the hackers to snoop on and download files
  • upload additional malicious software to the system

It's thought that the malware is still actively being developed.

“Threat groups such as OceanLotus are actively updating malware variants in attempts to evade detection and improve persistence,” wrote researchers.

Recommendations:

To avoid falling victim to this and other malware campaigns:

  • Be cautious when clicking links or downloading attachments in emails from unknown sources
  • Apply security patches/updates to software and operating systems
  • Educate employees on email security

December 1st, 2020 | Targeted Attacks
