Safety And Security

Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website

Posted on Author dragonip Comments Off on Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website
Trend Micro

We recently found and analyzed a malicious malware variant that disguised itself as a legitimate Mac-based trading app called Stockfolio. We found two variants of the malware family. The first one contains a pair of shell scripts and connects to a remote site to decrypt its encrypted codes while the second sample, despite using a simpler routine involving a single shell script, is actually incorporates a persistence mechanism.

The post Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website appeared first on .

Multimedia
All Other Multimedia:
image/jpeg iconMalware-200x125_15.jpg (4.01 KB)

Language:
English

read more

Post Views: 866
dragonip

Related Articles
Safety And Security

49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

Posted on Author

Trend Micro We recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. Before they were taken down by Google, the total number of downloads for these apps was more than 3 million. This recent incident continues an ongoing trend of mobile adware surges The post 49 Disguised Adware Apps […]
Safety And Security

49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

Posted on Author

Trend Micro We recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. Before they were taken down by Google, the total number of downloads for these apps was more than 3 million. This recent incident continues an ongoing trend of mobile adware surges The post 49 Disguised Adware Apps […]
Safety And Security

New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

Posted on Author dragonip

Trend Micro We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently updated. KovCoreG, active since 2011, is a […]