Summary of Key Trends Emerging During 2021

As we will describe below, several things stand out about macOS malware in 2021.

- macOS targeted in more cross-platform malware campaigns, with malware written in Go, Kotlin and Python observed.
- A drive towards attacks on developers and other ‘high-value’ targets.
- An increasing interest in targeting macOS users in the East (China and Asia).
- A continued reliance on using LaunchAgents as the primary persistence mechanism.
- While commodity adware is by far the most prevalent threat on macOS, most new malware families that emerged in 2021 focused on espionage and data theft.

Top 10 In-the-Wild macOS Malware Discoveries 2021

In 2021 to date, there have been ten new reported malware discoveries. Let’s take a look at what was unique for each one and the main points that defenders need to be aware of.

In January 2021, Intezer reported on Operation ElectroRAT, a campaign that had been running throughout 2020 targeting cryptocurrency users. This was the first of an increasingly common trend throughout 2021: cross-platform malware written in Go targeting macOS, Linux and Windows operating systems. The aim was to get cryptocurrency users to install a trojanized application for trading and managing cryptocurrency.

All versions were built using Electron, and once the trojan app is installed and launched, a malicious background process called “mdworker” functions as the RAT, capable of keylogging, taking screenshots, executing shell commands, and uploading and downloading files. The name was carefully chosen: “mdworker” is also the name of a legitimate system binary that powers the Mac’s Spotlight search functionality.
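The name collision described above can be turned into a detection: a process called “mdworker” that does not run from the system volume deserves review. The following is an added example, not code from the original article; the trusted path prefix, the watched names and the sample `ps` lines (including the user and application names) are assumptions constructed for illustration.

```python
import posixpath

# Assumption (not from the article): genuine Spotlight workers execute from
# the sealed system volume, so any other location deserves a look.
TRUSTED_PREFIXES = ("/System/Library/",)
# "mdworker" is the name cited in the article; "mdworker_shared" is its sibling.
WATCHED_NAMES = {"mdworker", "mdworker_shared"}

# Constructed sample in the shape of `ps -axo pid=,user=,comm=` output.
SAMPLE_PS = """\
  312 _spotlight /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared
  845 alice /Users/alice/Library/Application Support/ExampleTrader/mdworker
  901 alice /System/Library/../../private/tmp/mdworker
   77 root /usr/sbin/syslogd
  960 alice /Applications/Notes Helper.app/Contents/MacOS/MDWorker
garbage line without a pid
"""


def parse_ps(text):
    """Yield (pid, user, path); the path is last, so it may contain spaces."""
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip headers and malformed rows
        yield int(parts[0]), parts[1], parts[2].strip()


def find_masquerades(ps_text, watched=WATCHED_NAMES, trusted=TRUSTED_PREFIXES):
    """Return processes that use a watched system name outside trusted paths."""
    hits = []
    for pid, user, path in parse_ps(ps_text):
        norm = posixpath.normpath(path)           # collapse "../" tricks
        name = posixpath.basename(norm).lower()   # default APFS ignores case
        if name in watched and not norm.startswith(trusted):
            hits.append((pid, user, path))
    return hits


if __name__ == "__main__":
    for pid, user, path in find_masquerades(SAMPLE_PS):
        print(f"suspicious: pid={pid} user={user} path={path}")
```

On a Mac, pass the text returned by `ps -axo pid=,user=,comm=` to `find_masquerades` instead of the constructed sample.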