We found an EXE application that specifically runs on Mac to download an adware and info stealer, sidestepping built-in protection systems on the platform such as Gatekeeper. We suspect the cybercriminals developing this routine as an evasion technique for damaging infections and attacks in the future as our telemetry showed the highest numbers to be in the UK, Australia, Armenia, Luxembourg, South Africa and the US.
Read More
October’s macOS security update contained a fix for a vulnerability that Trend Micro privately disclosed to Apple earlier this year. The vulnerability (designated as CVE-2017-13811), was in the fsck_msdos system tool. This tool checks for and fixes errors in devices formatted with the FAT filesystem, and is automatically invoked by macOS when a device using FAT (such as a USB disk or an SD card) is inserted.
Read MoreA critical Mac vulnerability was discovered by OS X security researcher Pedro Vilaca last week. According to his research, any attacker can disable the BIOS lock just by taking advantage of a flaw in Apple’s S3 sleep state (more known as ‘standby mode’) suspend-resume implementation. Once an attacker does this, he can install bootkit malware onto a Mac BIOS without…
Read MoreIn an earlier blog post, we tackled what Wirelurker malware is and its security implications and risks for iOS and OSX devices. Within hours of the discovery of this malware, a Windows-based malware (detected as TROJ_WIRELURK.A) that performs the same attack was also seen in the wild. In this blog post, we’d like to share practices…
Read MoreSince the discovery of Shellshock, Trend Micro has continuously monitored the threat landscape for any attacks that may leverage these vulnerabilities. So far, we have identified an active IRC bot, exploit attempts in Brazil and China, botnet attacks, and a wide variety of malware payloads such as ELF_BASHLITE.A, ELF_BASHLET.A, and PERL_SHELLBOT.WZ among others. It is reported that…
Read More