Jan. 22, 2024, 8:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

A month ago, we discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. We recently caught sight of a new, hitherto unknown, macOS malware family that was piggybacking on cracked software. The threat proved far more potent than an unauthorized proxy server installation.


Stage 1. Activator.app


The samples we found could be successfully run …

applications apps backdoor caught cracked cracked software embedded family files infection install macos macos backdoor macos malware malicious malicious actors malware proxy script software stealing trojan websites

Digital Security Infrastructure Manager

@ Wizz Air | Budapest, HU, H-1103

Sr. Solution Consultant

@ Highspot | Sydney

Cyber Security Analyst III

@ Love's Travel Stops | Oklahoma City, OK, US, 73120

Lead Security Engineer

@ JPMorgan Chase & Co. | Tampa, FL, United States

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Tulsa, OK, United States

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States