Free Republic

Mac malware, possibly made in Iran, targets US defense industry (Doesn't work)
MacDailyNews ^ | Tuesday, February 7, 2017 · 4:50 pm

Posted on 02/07/2017 10:57:59 PM PST by Swordmaker

“Just because you’re using a Mac doesn’t mean you’re safe from hackers,” Michael Kan reports for IDG News Service. “That’s what two security researchers are warning, after finding a Mac-based malware that may be an attempt by Iranian hackers to target the U.S. defense industry.”

“The malware, called MacDownloader, was found on a website impersonating the U.S. aerospace firm United Technologies, according to a report from Claudio Guarnieri and Collin Anderson, who are researching Iranian cyberespionage threats,” Kan reports. “The fake site was previously used in a spear phishing email attack to spread Windows malware and is believed to be maintained by Iranian hackers, the researchers claimed.”

“Visitors to the site are greeted with a page about free programs and courses for employees of U.S. defense companies Lockheed Martin, Raytheon, and Boeing,” Kan reports. “The malware itself can be downloaded from an Adobe Flash installer for a video embedded in the site. The website will provide either Windows or Mac-based malware, depending on the detected operating system.”

“The MacDownloader malware was designed to profile the victim’s computer, and then steal credentials by generating fake system login boxes and harvesting them from Apple’s password management system, Keychain. However, the malware is of shoddy quality and is ‘potentially a first attempt from an amateur developer,’ the researchers said,” Kan reports. “The malware failed to run a script to download additional malicious coding onto the infected Mac. But despite the shoddy quality, the malware still managed to evade detection on VirusTotal, which aggregates antivirus scanning engines.”

Read more in the full article here.

MacDailyNews Note: If you receive what you believe to be a phishing email purporting to be from Apple, send it to reportphishing@apple.com, a monitored email inbox, which does not generate individual email replies.

Forwarding the message with complete header information provides Apple with important information. To do this in OS X Mail, select the message and choose Forward As Attachment from the Message menu.


TOPICS: Business/Economy; Computers/Internet; Conspiracy
KEYWORDS: applepinglist; flash; iran; malware; symantec; windowspinglist
Note this is another FLASH malware and another reason to not have FLASH installed on your Mac or Windows computer. On the Mac it failed to work to steal any passcodes because to access the keychain requires the re-input of the user's password to access the password directly from the keychain.
1 posted on 02/07/2017 10:57:59 PM PST by Swordmaker

To: Nailbiter

bflr


2 posted on 02/07/2017 10:59:08 PM PST by Nailbiter

To: dayglored; ~Kim4VRWC's~; 1234; 5thGenTexan; Abundy; Action-America; acoulterfan; AFreeBird; ...
A new malware found for Macs that is based on FLASH. . . But it doesn't work as it is an amateurish effort. Apparently written by someone in Iran, it appears to be targeted towards the US Military with Macs and Windows. Another good reason to not have FLASH installed on your computers! — PING!

Pinging dayglored for malware targeting both Mac and Windows.


Just SAY NO TO FLASH!
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

3 posted on 02/07/2017 11:03:23 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

To: Swordmaker

Sadly, our users take “compliance training” with software that is Flash-dependent. I’ve just started using Windows Packaging Publisher via WSUS to start pushing Flash updates/patches to about 1000 endpoints. We don’t have SCCM.


4 posted on 02/08/2017 1:35:35 AM PST by AbolishCSEU (Amount of CS paid is inversely proportionate to Mother's actual parenting of children)

To: Swordmaker; Abby4116; afraidfortherepublic; aft_lizard; AF_Blue; amigatec; AppyPappy; arnoldc1; ...
> Pinging dayglored for malware targeting both Mac and Windows.

Malware, Windows and Mac ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to Swordmaker for the ping!!

5 posted on 02/08/2017 6:57:13 AM PST by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: Swordmaker

I use Flash on Linux and haven’t seen any updates in the last week or so. I wonder if Linux is affected.


6 posted on 02/08/2017 8:39:44 AM PST by Dalberg-Acton

To: dayglored; All

Does anyone know if the windows insider program makes the user unable to turn off all the ‘phone home’ junk in windows 10? Do they require that you send them info automatically such as usage, browsing etc for purposes of development?

I missed out on the offer of windows 10 because I procrastinated too long- but I don’t relish the thought of not having control over phone home junk if that would be the case with the insider program


7 posted on 02/08/2017 8:42:00 AM PST by Bob434

To: Dalberg-Acton

That reminds me, I just installed fresh Linux Mint 18.1 and forgot to enable firewall- lol thanks for the reminder


8 posted on 02/08/2017 8:44:01 AM PST by Bob434

To: Bob434
> Does anyone know if the windows insider program makes the user unable to turn off all the ‘phone home’ junk in windows 10? Do they require that you send them info automatically such as usage, browsing etc for purposes of development?

Good question, I honestly don't know, but I assume that the point of the insider program is precisely to gather telemetry like crazy. I can't imagine they would give away advance copies of releases unless they were looking for more detailed feedback not merely opinions.

9 posted on 02/08/2017 9:14:21 AM PST by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: dayglored

[[but I assume that the point of the insider program is precisely to gather telemetry like crazy.]]

Yep- that would be my assumption too- I would think they’d want to see how ‘real world’ computers handle the code- ie: how vastly different setups and hardware, and software configurations would handle it- The average users like me wouldn’t know hardly any of these things- something would go wrong and we just wouldn’t know what caused it or how to fix it- but if the error messages were sent to MS automatically, they could use it for development purposes without the user needing to know the intricate details of the problem

But then again- perhaps they don’t- i just don’t know- it just seems more probable that they would


10 posted on 02/08/2017 9:31:27 AM PST by Bob434

To: AbolishCSEU

Even if you had sccm you should need Shavlik to push flash or Java updates via windows updates. It’s pretty slick


11 posted on 02/08/2017 10:33:05 AM PST by miliantnutcase

To: miliantnutcase

I’ve heard of that. Right now I’m relegated to WPP. I got Java 8_121 to push but without configurations. I’m not a coder so I find it difficult to write configuration files such as exception sites, etc.


12 posted on 02/08/2017 1:25:17 PM PST by AbolishCSEU (Amount of CS paid is inversely proportionate to Mother's actual parenting of children)

To: AbolishCSEU

I’m in the same boat. I’m just an IT Engineer/Manager; I try to use off-the-shelf solutions for deployments. Our dev team is busy with non-client stuff. I build silent deployment packages, but the .exe or base .MSI has to already support it. Flexera Admin Studio is a great option but it’s very spendy.


13 posted on 02/08/2017 1:56:07 PM PST by miliantnutcase

To: miliantnutcase

I work for the local county—they don’t spend money on anything except 30-lifer’s salaries.


14 posted on 02/09/2017 4:54:51 AM PST by AbolishCSEU (Amount of CS paid is inversely proportionate to Mother's actual parenting of children)

To: AbolishCSEU

I hear ya! Do you do everything for them IT-wise?


15 posted on 02/09/2017 9:33:34 AM PST by miliantnutcase

To: miliantnutcase

No we have a more recent hire from the private sector such as myself that do all the work. The “lifers” here are stuck on their old programming skills (fox pro) and refuse to learn anything new after 30 years on the job. Basically they are being paid to do little or nothing.

I do WSUS, desktop support, help the sr. network analyst—recent private sector guy who knows his stuff. Two desktop support people were voluntold to leave—aka forced retirement in the last two years after refusing to change their attitude. I have picked up the slack there pretty much exclusively.

We have two “lifers” left in IT; one who pushes the envelope stirs the pot just so far to escape trouble (ex. calls the boss to ask him what the number to Dell support is)—same guy who REFUSES to learn a new programming language and just makes it miserable for others by refusing to pitch in.


16 posted on 02/09/2017 9:59:24 AM PST by AbolishCSEU (Amount of CS paid is inversely proportionate to Mother's actual parenting of children)

To: AbolishCSEU

Sounds like most government IT shops. Have a buddy who’s CIO for a school system and he’s dealing with the same issues. These state union dumbasses are so inflexible.


17 posted on 02/09/2017 2:35:25 PM PST by miliantnutcase
