BrandPost: Sophisticated Mac OS Malware Uses Trust and Developer Certificates<article>
<section class="page">
<p>If the ransomware incident involving the tampered Transmission app in late 2016 started anything, it is threat actors’ growing interest in compromising Mac OS users.</p><p>Recent events involving the Proton remote access Trojan (RAT), distributed through the popular Elmedia media player software, show that cybercriminals are actively targeting highly popular applications – an app with more than 1 million downloads in this case – to maximize their chances of infection.</p><p>There’s no reason to assume Mac malware will fade away. If anything, we’ve learned that attackers actively use popular applications to smuggle in data-stealing malware. Supply chain attacks that involve compromising the app vendor’s website and replacing the legitimate app with a tampered one are now a fact, as compromising websites is usually just a matter of persistence. Finding and exploiting vulnerabilities in webpages to allow unauthorized access can be more effective than finding a zero-day vulnerability in Mac OS.</p></section></article>