Avast Blog_Security News: This week: Sneaky malware, fishy phish, and more
#1
Information 
Quote:
[Image: TVDumYE.png]

[Image: avast-security-news-roundup-9-3.jpg?width=900]

Windows malware attacks Macs, a strange phishing scam arises, 617M stolen accounts are for sale, and Trump wants more AI.

Phishing scam has fishy URLs

There’s a phishing campaign afoot that tries scamming users into believing their email accounts have been compromised. The phishing email claims multiple verification errors have caused the users’ accounts to be blacklisted and the only fix is an immediate login with the proper credentials. The email provides a link that reads CONFIRM YOUR EMAIL, and when users click on it, they are taken to a fake login page based on their particular email service. If they enter their credentials, the info is sent back to the malware’s C&C (command-and-control server).

A twist to this otherwise-typical phishing campaign is that the emails include URLs ranging from 400 to almost 1,000 characters long. Experts don’t yet understand the reason to include such a long URL, venturing early guesses that perhaps it is to deliberately add confusion or perhaps hide info within the long URL string. In any event, be wary of any email you receive claiming your account has been blacklisted.

Windows malware meant for Macs

In a move that circumvents the macOS Gatekeeper protocol, a series of malicious executables are making their way onto the machines of Mac users who install cracked software. Using the open source Mono framework, the threat actors created info stealers and adware for Macs, but as Windows EXE binaries. A set of these malicious files have been found bundled with cracked software distributed on torrent websites. When users download the pirated software, the malware gets around Gatekeeper thanks to its Windows status. Not recognizing the file as native to Mac, Gatekeeper does not check the file’s notarization status or Developer ID signature.

So far, the planted malware in the bundles triggers a payload of ads and steals all hardware and software information on that particular machine, sending the info back to its C&C. While the damage is relatively minimal with this malware, threat actors could create Windows EXE binaries for more harmful cyberattacks, including ransomware. As always, all users are strongly advised to stay away from cracked software.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Find out if an USB device is fake with f...
Fake USB devices c...harlan4096 — 08:47
Windows 11 KB5048685 Update causes Wi-Fi...
The KB5048685 Upda...harlan4096 — 12:36
Windows 11: issue may prevent further in...
The latest version...harlan4096 — 08:47
Notepad++ v8.7.5 (2024-12-25)
Notepad++ v8.7.5 (...harlan4096 — 08:16
AdGuard for Mac 2.16.2
AdGuard for Mac 2....harlan4096 — 08:13

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>