
New Mac Malware Uses ‘Fileless’ Technique To Attack Stealthily

by Cyber360 News
December 7, 2019
in Security

The notorious hacking group Lazarus, which is also behind the widespread WannaCry ransomware, is trying to infect Mac users with new malware that uses a ‘fileless’ technique to hide from antivirus software.

As highlighted by Patrick Wardle, a Mac security expert, this new malware uses in-memory execution, also called fileless infection, in which the malware writes nothing to your device’s hard drive. The malicious code is loaded directly into memory and executed from there. This technique makes it difficult for endpoint detection software to spot it, as there is no file to be flagged.

However, there is a silver lining: the malware isn’t completely fileless, as the first stage involves installing a cryptocurrency app dubbed UnionCryptoTrader.dmg. According to VirusTotal, 17 out of 57 malware detection programs can now spot it. This number was just 2 when the malware was brought to light earlier this week.

Patrick Wardle’s analysis details the working of the malware and it can perform the following operations:

Objective-see

This results in a binary named unioncryptoupdated that runs as root and can also survive a reboot.

The reason why researchers think that Lazarus is behind this malware is the fact that the plist and binary of the launch daemon are stored in the resource directory of the application. This is a technique particularly used by the Lazarus group.
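The packaging trait described above can be checked for on the defender's side. The following is an added example, not code from the article or from Patrick Wardle's analysis: it looks through an application bundle's Resources directory for plists that are launchd job definitions and reports whether the program they launch is shipped alongside them. The function names and the sample bundle (`Example.app`, `com.example.updater`, `/Library/ExampleVendor/exampleupdated`) are constructed for illustration, and a match is a triage lead rather than proof of malice.

```python
import plistlib
import tempfile
from pathlib import Path

def find_bundled_launchd_jobs(app_bundle):
    """Flag launchd job plists shipped inside <app>/Contents/Resources."""
    resources = Path(app_bundle) / "Contents" / "Resources"
    findings = []
    if not resources.is_dir():
        return findings
    for path in sorted(p for p in resources.rglob("*") if p.is_file()):
        try:
            with path.open("rb") as fh:
                job = plistlib.load(fh)  # accepts XML and binary plists
        except Exception:
            continue  # not a parseable plist
        if not isinstance(job, dict) or "Label" not in job:
            continue  # a plist, but not a launchd job definition
        args = job.get("ProgramArguments") or []
        program = job.get("Program") or (args[0] if args else None)
        if not isinstance(program, str):
            continue
        # Is a file with the daemon's name shipped in the same Resources tree?
        name = Path(program).name
        payload = any(p.is_file() and p.name == name for p in resources.rglob("*"))
        findings.append({
            "plist": str(path.relative_to(app_bundle)),
            "label": job["Label"],
            "program": program,
            "run_at_load": bool(job.get("RunAtLoad")),
            "payload_in_resources": payload,
        })
    return findings

def build_sample_bundle(root):
    """Constructed test bundle; every name and path here is made up."""
    res = Path(root) / "Example.app" / "Contents" / "Resources"
    res.mkdir(parents=True)
    job = {"Label": "com.example.updater", "RunAtLoad": True,
           "ProgramArguments": ["/Library/ExampleVendor/exampleupdated"]}
    (res / "com.example.updater.plist").write_bytes(plistlib.dumps(job))
    (res / "exampleupdated").write_bytes(b"\xcf\xfa\xed\xfe")  # stand-in payload
    (res / "strings.plist").write_bytes(plistlib.dumps({"title": "Example"}))
    (res / "icon.icns").write_bytes(b"icns")
    return res.parent.parent

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in find_bundled_launchd_jobs(build_sample_bundle(tmp)):
            print(finding)
```

Run against a mounted disk image or an installed `.app` before first launch; a job with `run_at_load` set whose payload sits in the same Resources tree deserves a closer look.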

In his blog, Patrick Wardle writes: “As the layout of an in-memory process image is different from its on disk-in image, one cannot simply copy a file into memory and directly execute it.  Instead, one must invoke APIs such as NSCreateObjectFileImageFromMemory and NSLinkModule (which take care of preparing the in-memory mapping and linking).”

The malware usually targets those who are involved in cryptocurrency trading. To steer clear of the malware and protect yourself, ensure that you do not install any suspicious app from the internet.
