Researchers have detected an aggressive attack on restaurants across the United States that uses a relatively new technique to keep its malware undetected by virtually all antivirus products on the market. Malicious code used in so-called fileless attacks resides almost entirely in computer memory, which prevents it from leaving traces that could be spotted by traditional antivirus scanners. The main reason the malware is effective is that the file contents are piped into computer memory using PowerShell, so the file wasn't visible to any of the 56 most widely used AV programs.
Researchers discovered a new threat to Apple: two pieces of Mac malware, “MacRansom” and “MacSpy.” The malware seems to have been created by the same developer and is being offered through two separate dark web portals. The researchers were able to obtain a copy of the “MacSpy” program, described as the most sophisticated malware for the Mac OS X operating system to date.
The hackers offering MacSpy on the dark net are not selling it but are in fact giving it away at no cost. The software works with a provided Tor portal to enable users to hack into and obtain surveillance information from targeted Mac computers.
*IP addresses provided by Recorded Future.