
Malware attacks on macOS users are using Tor


by seo_worker » 2016-07-06 09:55:40



Analysts at Bitdefender have discovered a new threat (PDF) aimed at macOS (formerly OS X). The malware, Backdoor.MAC.Eleanor, adds a backdoor to the system by hosting a .onion domain on the victim's computer, so to access the infected system, hackers need only a standard browser.



The researchers report that at the moment Backdoor.MAC.Eleanor is disguised as an app called EasyDoc Converter, a file converter, and is distributed via third-party websites for Mac. Instead of a converter, users get a malicious script that installs three components and adds them to startup: a Tor hidden service, a PHP web service and a Pastebin client.

Tor is used to automatically establish a connection between the infected machine and the "onion" network, as well as to create a domain in the .onion zone, which will be available to attackers using a simple browser.



PHP is responsible for control over the infected machine. The component receives commands from the attackers and is responsible for interpreting these commands for macOS.

The Pastebin client is needed to pass data about a new victim to the cyber criminals. It uploads information about the local .onion domain to Pastebin, pre-encrypting the information with a public RSA key, using the base64 algorithm.



In the end, Backdoor.MAC.Eleanor allows attackers to feel at home on the infected machine. In fact, the affected device becomes part of a botnet. The attacker can interact with the file system, launch a reverse shell to execute root commands, and execute any scripts in PHP, Perl, Python, Ruby, Java, or C.

The operators of the botnet can make the infected machine send spam, participate in DDoS attacks, steal private data or install additional malware on the device. In addition, the attacker is able to capture pictures and video from the victim's webcam. Here is the "gallery" in the backdoor's control panel:

seo_worker
moderators
Posts: 789
Deposit: 0.005 BTC

Rating: 2
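
A defensive check for the startup behaviour described in the post above, as an added example that is not part of the original thread or of the Bitdefender report: it scans launchd job definitions for items that auto-start Tor or a PHP web server. It assumes the startup entries are launchd property lists and that the web service runs through PHP's built-in server (`php -S`); every file name, label and path in the sample data is constructed.

```python
import os
import plistlib

def _job(args, **keys):
    # Build a constructed launchd job definition as raw plist bytes.
    return plistlib.dumps({"Label": "com.example.job", "ProgramArguments": args, **keys})

# Constructed samples; every path and file name here is made up for the example.
SAMPLE_JOBS = {
    "a.plist": _job(["/Users/u/Library/.x/tor", "-f", "/Users/u/Library/.x/torrc"], RunAtLoad=True),
    "b.plist": _job(["/Users/u/Library/.x/php", "-S", "127.0.0.1:9991"], KeepAlive=True),
    "c.plist": _job(["/Applications/Example.app/Contents/MacOS/updater"], RunAtLoad=True),
    "d.plist": _job(["/usr/bin/php", "/Users/u/report.php"], RunAtLoad=True),
    "e.plist": b"not a plist",
}

def classify(job):
    """Return a reason if the job auto-starts Tor or a PHP web server, else None."""
    args = [str(a) for a in job.get("ProgramArguments") or []]
    if not args and job.get("Program"):
        args = [str(job["Program"])]
    autostart = bool(job.get("RunAtLoad")) or bool(job.get("KeepAlive"))
    if not args or not autostart:
        return None
    exe = os.path.basename(args[0]).lower()
    if exe == "tor" or any("hiddenservice" in a.lower() for a in args):
        return "auto-starts Tor"
    if exe.startswith("php") and "-S" in args[1:]:
        return "auto-starts PHP built-in web server"
    return None

def audit(jobs):
    """jobs maps file name to raw plist bytes; returns sorted (name, reason) findings."""
    findings = []
    for name, raw in jobs.items():
        try:
            job = plistlib.loads(raw)
        except Exception:
            # A startup item that cannot be parsed deserves a manual look.
            findings.append((name, "unparseable plist"))
            continue
        reason = classify(job) if isinstance(job, dict) else None
        if reason:
            findings.append((name, reason))
    return sorted(findings)

if __name__ == "__main__":
    for name, reason in audit(SAMPLE_JOBS):
        print(f"{name}: {reason}")
```

On a real Mac the input would be the raw contents of the files under `~/Library/LaunchAgents`, `/Library/LaunchAgents` and `/Library/LaunchDaemons`.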


Malware attacks on macOS users are using Tor

by allmore » 2016-07-06 10:40:05

and they've gotten to the Mac too)
allmore
moderators
Posts: 77
Deposit: 0.00225899 BTC

Rating: 4