|
Title: BrandPost: Sophisticated Mac OS Malware Uses Trust and Developer Certificates Post by: HCK on December 04, 2017, 04:05:18 pm BrandPost: Sophisticated Mac OS Malware Uses Trust and Developer Certificates
<article> <section class="page"> <p>If the ransomware incident involving the tampered Transmission app in late 2016 started something, it’s that threat actors are now getting interested in compromising Mac OS users.</p><p>Recent events involving the Proton remote access Trojan (RAT distributed through the popular Elmedia media player software) show cybercriminals are actively targeting highly popular applications – an app with more than 1 million downloads in this case – to maximize their chances of infection.</p><p>There’s no reason to assume Mac malware will fade away. If anything, we’ve learned that attackers are active in their use of popular applications to smuggle data-stealing malware. Supply chain attacks that involve compromising the app vendor’s website and replacing the legitimate app with a tampered one are now a fact, as compromising websites is usually just a matter of persistence. Finding and exploiting vulnerabilities in webpages to allow unauthorized access can be more effective than finding a zero-day vulnerability in Mac OS.</p><p class="jumpTag"><a href="/article/3237678/macs/sophisticated-mac-os-malware-uses-trust-and-developer-certificates.html#jump">To read this article in full, please click here[/url]</p></section></article> Source: BrandPost: Sophisticated Mac OS Malware Uses Trust and Developer Certificates (https://www.macworld.com/article/3237678/macs/sophisticated-mac-os-malware-uses-trust-and-developer-certificates.html#tk.rss_all) |