Beware! Your free download from the torrent sea might come with a hidden price: backdoor malware.
Researchers at Kaspersky have discovered a widespread macOS malware targeting users who download cracked copies of popular software
This insidious campaign is dubbed macOS.Bkdr.Activator silently infects users through cracked versions of popular software.
The selection of software titles being focused on encompasses a wide range of applications specifically designed for business and productivity purposes, which could potentially be highly appealing and useful in various workplace environments.
Let’s delve into its chilling tactics published by SentinelOne
Stage 1: The malware hides within seemingly legitimate cracked apps like 4K Video Downloader and iTubeGo.
Unaware users download the infected bundle containing:
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
Stage 2: Activating the Backdoor
The Activator app, disguised as a savior, requests your administrator password.
Don’t grant it! This password unlocks its true agenda:
Stage 3: Reaching Out to the Dark Side
The malware isn’t alone. It:
“The campaign is ongoing and we continue to track and identify new malicious samples. When the policy is set to ‘Protect’, the SentinelOne agent blocks execution of malicious samples,” reads the report.
Follow us on LinkedIn for the latest cybersecurity news, whitepapers, infographics, and more. Stay informed and up-to-date with the latest trends in cybersecurity.
ServiceNow recently disclosed three critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) affecting multiple Now Platform versions,…
A newly discovered vulnerability in Google Cloud Platform (GCP) has raised significant security concerns among…
The PKfail vulnerability is a significant security issue affecting over 200 device models of Secure…
A vulnerability in OpenStack's Nova component has been identified, potentially allowing hackers to gain unauthorized…
A North Korean military intelligence operative has been indicted for orchestrating a series of cyberattacks…
RA World, an emerging ransomware group, has been increasingly active since March 2024, using a…