New Mac Malware OSX/Proton.B Distributed Via HandBrake Download Server

The first variant (OSX/Dok.A) disguises itself as an old version of the macOS Preview app and the Mac App Store, tricking users into typing their password, which then allows the malware to install a malicious SSL/TLS certificate and a TOR proxy to intercept all Web traffic, including traffic to sites that would normally be (and may still appear to be) secure.

The second variant (OSX/Dok.B) is a full-fledged remote access Trojan (RAT) that attempts to steal keychains, iOS backups, iMessage chat history, and more from your Mac.

For more details, see OSX/Dok Can Read Encrypted Web Traffic, Open a Backdoor.

Although Apple updated its XProtect signatures and revoked the Apple Developer ID used to sign the first variant, CheckPoint noted that the attackers had already begun using a new Developer ID and further obfuscating their code to try to avoid detection.