Jan. 22, 2024, 8:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

A month ago, we discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. We recently caught sight of a new, hitherto unknown, macOS malware family that was piggybacking on cracked software. The threat proved far more potent than an unauthorized proxy server installation.


Stage 1. Activator.app


The samples we found could be successfully run …
