Baanboard.com

RSS Newsfeeds

Comic for July 05, 2020

Dilbert - July 6, 2020 - 12:59am
Categories: Geek

New Mac ransomware is even more sinister than it appears

Ars Technica - 4 hours 29 min ago

The threat of ransomware may seem ubiquitous, but there haven't been too many strains tailored specifically to infect Apple's Mac computers since the first full-fledged Mac ransomware surfaced only four years ago. So when Dinesh Devadoss, a malware researcher at the firm K7 Lab, published findings on Tuesday about a new example of Mac ransomware, that fact alone was significant. It turns out, though, that the malware, which researchers are now calling ThiefQuest, gets more interesting from there. (Researchers originally dubbed it EvilQuest until they discovered the Steam game series of the same name.)

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in. The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or "second stage," attacks. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy.

"Looking at the code, if you split the ransomware logic from all the other backdoor logic the two pieces completely make sense as individual malware. But compiling them together you're kind of like what?" says Patrick Wardle, principal security researcher at the Mac management firm Jamf. "My current gut feeling about all of this is that someone basically was designing a piece of Mac malware that would give them the ability to completely remotely control an infected system. And then they also added some ransomware capability as a way to make extra money."
