The vast majority of attacks like these have targeted Windows via exploits in Word. There are other strong indications that the attackers were Chinese speakers, Kaspersky notes, adding that this is also just one of thousands of targeted cyber attacks on Tibetan and Uyghur supporters. The IP address for the command-and-control server points to Los Angeles, California, but a domain which used to point there was registered on March 8, by one Shanghai Meicheng Technology Information Co., Ltd, with contact details for the registrar pointing to Beijing. Since this was probably done for debugging purposes, the malware may be an early prototype. Who were the perpetrators? Kaspersky mentions that throughout the malware's code, the attackers included various messages in Chinese. Once the victim received a text message that included a certain protocol, the malware would send the collected data back to the command-and-control server. Data about the phone, including the phone number, which OS version it uses and the phone model. Contacts that are stored on both the phone and the SIM card. According to Kaspersky, that information would include: Time will tell if Apple decides to side with those who stand against these PUPs, by revoking their entitlements. As the target is reading the message, malicious software they had inadvertently installed would report back to a command-and-control server, before collecting information from the phone. At the time of writing, Apple is implicitly siding with the PUPs, providing them protection against removal. With the protection involved in the system extension entitlement, there is no longer any middle ground. The report concludes: Apple’s days of sitting on the fence are now over. Also troubling is how the report notes that Apple security measures introduced in macOS 10.15 Catalina prevent users from uninstalling some PUPs without disabling System Integrity Protection.
The Mac section of the full report contains some disturbing details, such as a description of the bizarre ThiefQuest malware, which fakes a ransomware attack while exfiltrating personal data from your Mac. It’s worth keeping in mind that actual malware (the truly malicious stuff) accounted for just 1.5% of all Mac detections in 2020, with the rest being adware and so-called potentially unwanted programs (PUPs), which is just a nice term for crapware like browser toolbars that clutter your browser, display ads, and track you. Overall malware detections decreased 38% on the Mac, though Mac malware in businesses increased 31%. Malwarebytes Labs has published its 2021 report on malware, reflecting on the state of malware threats in 2020 based on detections in the Malwarebytes apps and services. Malwarebytes Reports on the State of Mac Malware in 2020