New backdoor for macOS detected

Antivirus company ESET has announced the discovery of a new version of malware used by the cybercrime group OceanLotus: a backdoor for the macOS platform.

The backdoor file is encrypted and packed with the UPX packer, which makes it difficult for a number of information security solutions to detect. However, many macOS users ignore security products, so protecting the backdoor from detection is of secondary importance.
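A triage heuristic for the packing described above, as an added example (not ESET's tooling and not code from the original article): it flags Mach-O files that carry UPX's `UPX!` header marker or have packed-looking byte entropy. The entropy threshold and all sample bytes are assumptions constructed for illustration; a modified packer can strip the marker, which is why entropy is checked as well.

```python
import math
from collections import Counter

# Mach-O magic numbers as they appear in the first four bytes on disk.
MACHO_MAGICS = {
    bytes.fromhex("feedface"): "Mach-O 32-bit, big-endian",
    bytes.fromhex("cefaedfe"): "Mach-O 32-bit, little-endian",
    bytes.fromhex("feedfacf"): "Mach-O 64-bit, big-endian",
    bytes.fromhex("cffaedfe"): "Mach-O 64-bit, little-endian",
    bytes.fromhex("cafebabe"): "universal (fat) binary",  # also the Java .class magic
}
UPX_MARKER = b"UPX!"       # magic value of UPX's pack header
ENTROPY_THRESHOLD = 7.2    # assumed cut-off in bits per byte; tune on your own corpus


def shannon_entropy(data):
    """Byte entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def triage(data):
    """Return format, marker and entropy findings for one file's bytes."""
    kind = MACHO_MAGICS.get(data[:4])
    has_marker = UPX_MARKER in data
    entropy = shannon_entropy(data)
    return {
        "format": kind,
        "upx_marker": has_marker,
        "entropy": round(entropy, 2),
        # Only Mach-O files are in scope; either signal is enough to escalate.
        "suspicious": kind is not None and (has_marker or entropy > ENTROPY_THRESHOLD),
    }


# Constructed samples (not real binaries): a header magic followed by filler bytes.
MAGIC64 = bytes.fromhex("cffaedfe")
SAMPLE_PACKED = MAGIC64 + bytes(range(256)) * 16 + UPX_MARKER
SAMPLE_MARKER_STRIPPED = MAGIC64 + bytes(range(256)) * 16  # no marker, high entropy
SAMPLE_PLAIN = MAGIC64 + b"\x00" * 4096 + b"__TEXT\x00"    # low entropy, no marker

if __name__ == "__main__":
    for name, blob in [("packed", SAMPLE_PACKED),
                       ("marker stripped", SAMPLE_MARKER_STRIPPED),
                       ("plain", SAMPLE_PLAIN)]:
        print(name, triage(blob))
```

A hit is a reason to unpack and inspect the file, not a verdict: legitimate software is also distributed UPX-packed.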

On launch, the malware checks whether the device belongs to the Mac family (MacBook Pro, MacBook Air). The data it sends to the command-and-control (C&C) server includes information about the processor, memory, device serial number, and MAC addresses of the network interface.

ESET experts note that the C&C servers used by the backdoor were created relatively recently, on November 22, 2018.

macOS users often ignore antivirus software. At the same time, analysts are recording a rapid increase in the number of malicious programs for Apple computers: according to the independent German laboratory AV-TEST, in just one year their number increased threefold, from 28.9 to 93.3 thousand.

OceanLotus has been active since at least 2012. The group's campaigns are often aimed at government structures, parties and commercial organizations in the countries of Southeast Asia.

Zorain Zubair
Zorain is co-founder of TechLapse. Based in Pakistan, Zorain is currently studying Business Management and aims to achieve the title of Chartered Accountant. Zorain loves writing about various technology news. He can be reached at: [email protected]
