MacOS Users Targeted With Updated Malware

New malware attacks designed to install a backdoor onto compromised MacOS systems.

Updated Malware – APT32:

In a recent campaign, researchers discovered new malware, designed to install a backdoor onto compromised systems, linked to the Vietnamese-backed hacking operation OceanLotus, also known as APT32.

OceanLotus begins its infection chain with fraudulent documents and phishing messages disguised as legitimate.

Although the motivation for this isn't fully understood, the aim is thought to be espionage to aid Vietnamese-owned companies.

The backdoor enables the hackers to snoop on and steal confidential information and sensitive business documents.

Importantly, Trend Micro analysts linked the malware to OceanLotus by comparing its code and behaviour with samples used in previous campaigns.

Malware Workflow:

The attack begins with phishing emails that attempt to encourage victims to run a Zip file disguised as a Word document. 

Moreover, it evades antivirus detection using special characteristics deep inside a series of Zip folders.

Secondly, at this stage an initial payload is already running on the machine, and it changes access permissions in order to load a second-stage payload.

This in turn prompts the installation of a third-stage payload, which downloads the backdoor onto the system.

By installing malware in separate stages like this, OceanLotus aims to evade detection.
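
A defender-side way to triage attachments that match the workflow above (an added example, not from the original article or the researchers): it walks a Zip and any Zips nested inside it, and flags document-named folders laid out like macOS app bundles, unusual characters in names, and executable permission bits. The heuristics, the function names and the sample archive are assumptions constructed for illustration, not indicators from this campaign.

```python
import io
import unicodedata
import zipfile

MAX_MEMBER = 20 * 1024 * 1024  # skip huge members (Zip-bomb guard)

def odd_chars(name):
    """Code points in a name that are non-ASCII or non-printing."""
    return [f"U+{ord(c):04X}" for c in name
            if ord(c) > 127 or unicodedata.category(c).startswith("C")]

def triage_zip(data, prefix="", depth=0, max_depth=5):
    """Return a set of (path, reason) findings for a Zip given as bytes."""
    findings = set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            parts = [p for p in info.filename.split("/") if p]
            for i, part in enumerate(parts):
                where = prefix + "/".join(parts[:i + 1])
                if odd_chars(part):
                    findings.add((where, "unusual characters " + ",".join(odd_chars(part))))
                # Folder named like a document but laid out like a macOS app bundle
                if ".doc" in part.lower() and parts[i + 1:i + 2] == ["Contents"]:
                    findings.add((where, "document name on app-bundle layout"))
            if info.is_dir():
                continue
            path = prefix + info.filename
            if (info.external_attr >> 16) & 0o111:
                findings.add((path, "executable permission bits set"))
            if info.file_size > MAX_MEMBER:
                findings.add((path, "member too large, not opened"))
                continue
            blob = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(blob)):
                if depth >= max_depth:
                    findings.add((path, "Zip nesting too deep, not opened"))
                else:
                    findings |= triage_zip(blob, path + "!/", depth + 1, max_depth)
    return findings

def build_sample():
    """Constructed, harmless sample: a Zip in a Zip holding a fake bundle."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        exe = zipfile.ZipInfo("Report.doc\u200b/Contents/MacOS/run")
        exe.external_attr = 0o100755 << 16  # regular file, mode 0755
        zf.writestr(exe, "#!/bin/sh\necho placeholder only\n")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("docs/invoice.zip", inner.getvalue())
    return outer.getvalue()
```

Calling `triage_zip(build_sample())` returns three findings, all under `docs/invoice.zip!/`; legitimate non-English file names will also trip the character check, so treat findings as leads for review rather than verdicts.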

Like older versions, the malware aims to:

  • collect system information
  • create a backdoor allowing the hackers to snoop on and download files
  • upload additional malicious software to the system

Above all, it's thought that the malware is still actively being developed.

“Threat groups such as OceanLotus are actively updating malware variants in attempts to evade detection and improve persistence,” wrote researchers.

Recommendations:

To avoid falling victim to this and other malware campaigns:

  • Be cautious when clicking links or downloading attachments in emails from unknown sources
  • Apply security patches/updates to software and operating systems
  • Educate employees on email security

December 1st, 2020 | Targeted Attacks

About the Author:

FirstHackersNews- Identifies Security
