Hackers exfiltrating data from MacOS devices using malicious EXE files


Cyber criminals have found a way to inject malware into MacOS devices and exfiltrate information about installed applications by using a malware-ridden EXE file which only runs on Windows platforms.

Millions of individuals and corporate users across the globe use MacOS devices for their daily tasks and entertainment. However, people often need certain programmes which work only on Windows platforms, and to make things easier for them, customised software is available that lets users run Windows programmes on MacOS devices.

One such tool is Mono, a free system that lets users run Windows applications on MacOS and other operating systems. According to security researchers at Kaspersky Lab, cyber criminals have found a way to package the Mono framework with malware, so that the malware runs successfully on devices running the MacOS operating system.

Malware exfiltrates application data from MacOS devices

“After installation, the malware first collects information about the infected system. Cybercriminal interest is focused on the name of the model, device IDs, processor specifications, RAM, and many other things. The malware also harvests and sends information about installed applications to its C&C server.

“Simultaneously, it downloads several more images to the infected computer with installers masked as Adobe Flash Media Player, or Little Snitch. They are in fact run-of-the-mill adware tools that pester you with banners,” the researchers said.

Gatekeeper, the security programme in MacOS that scans programmes running on a MacOS device, does not scan EXE files, as such files are not designed to work in the OS. As a result, the malware injected using the Mono framework completes its tasks without the least interference.

According to the researchers, if MacOS users need to run software on their devices that helps them use Windows applications, they must install the genuine software and not its pirated versions. At the same time, if users are downloading applications from unknown sources, they must ensure that such applications do not feature extra files that are either unnecessary or suspicious.
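One way to check a downloaded application for the extra files described above, as an added example that is not from the article or from Kaspersky Lab: it walks an app bundle or mounted disk image and reports Windows executables by their file header rather than by extension, plus any bundled Mono runtime. The function names, the `mono`/`libmono*` name heuristic and the sample tree are assumptions constructed for illustration.

```python
import os
import struct

def is_pe(path):
    """True if a DOS 'MZ' header's e_lfanew field (offset 0x3C) points at 'PE\\0\\0'."""
    try:
        with open(path, "rb") as f:
            head = f.read(64)
            if len(head) < 64 or head[:2] != b"MZ":
                return False
            (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
            f.seek(e_lfanew)
            return f.read(4) == b"PE\0\0"
    except OSError:
        return False

def scan_bundle(root):
    """List Windows executables and Mono runtime files under root (relative paths)."""
    findings = {"pe_files": [], "mono_runtime": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue
            rel = os.path.relpath(full, root)
            if is_pe(full):
                findings["pe_files"].append(rel)
            # Assumption: a file named "mono" or "libmono*" is a bundled runtime.
            elif name == "mono" or name.startswith("libmono"):
                findings["mono_runtime"].append(rel)
    for paths in findings.values():
        paths.sort()
    return findings

def build_sample(root):
    """Constructed sample: a fake .app tree with PE stubs, a runtime stand-in and a decoy."""
    pe_stub = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x80) + b"\0" * 64 + b"PE\0\0"
    files = {
        "Sample.app/Contents/MacOS/mono": b"\xcf\xfa\xed\xfe" + b"\0" * 60,  # Mach-O magic only
        "Sample.app/Contents/Resources/Installer.exe": pe_stub,
        "Sample.app/Contents/Resources/data.bin": pe_stub,  # PE without an .exe name
        "Sample.app/Contents/Resources/notes.txt": b"MZ" + b"A" * 100,  # decoy, not a PE
    }
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)
```

Calling `scan_bundle()` on the path of a mounted disk image or an `.app` directory returns the two lists; a Windows executable sitting next to a Mono runtime in a MacOS application is the combination the researchers describe.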


Copyright Lyonsdown Limited 2021
