Antivirus company ESET has announced the discovery of a new version of malware used by the cybercrime group OceanLotus: a backdoor for the macOS platform.

The backdoor file is encrypted and packed with the UPX packer, which makes it difficult for a number of information security solutions to detect. However, many macOS users ignore security products, so protecting the backdoor from detection is of secondary importance.

On launch, the malware checks whether the device belongs to the Mac family (MacBook Pro, MacBook Air). The data it sends to the command-and-control (C&C) server includes information about the processor, memory, device serial number, and the MAC addresses of the network interface.

ESET experts note that the C&C servers used by the backdoor were created relatively recently, on November 22, 2018.

macOS users often ignore antivirus software. At the same time, analysts are recording a rapid increase in the number of malicious programs for Apple computers: according to the independent German laboratory AV-TEST, in just one year their number increased threefold, from 28.9 to 93.3 thousand.

OceanLotus has been active since at least 2012. The group's campaigns are often aimed at government structures, parties and commercial organizations in the countries of Southeast Asia.

Zorain Zubair
Zorain is co-founder of TechLapse. Based in Pakistan, Zorain is currently studying Business Management and aims to achieve the title of Chartered Accountant. Zorain loves writing about various technology news. He can be reached at: [email protected]