Jamf Threat Labs has detected a series of pirated macOS applications that have been modified to communicate with attacker infrastructure.
These applications are being hosted on Chinese pirating websites in order to gain victims. Once detonated, the malware will download and execute multiple payloads in the background in order to secretly compromise the victim's machine.
Jamf Threat Labs has noted a number of similarities between this malware and the ZuRu malware, which was originally discovered in 2021 and has been blogged about by Objective-See and Trend Micro.
The ZuRu malware was originally found in pirated applications iTerm, SecureCRT, Navicat Premium, and Microsoft Remote Desktop Client. Similar to findings of the ZuRu malware in 2021, this malware also appears to primarily target victims in China based on the uploads Jamf Threat Labs has seen to VirusTotal, the hosting of apps on pirated Chinese websites, and the attacker infrastructure which communicates with Chinese IP addresses.
This is not the first time Jamf Threat Labs has seen malware within pirated applications.
“One of the major difficulties in dealing with users who install pirated applications is that they expect to see security alerts, as the software isn’t legitimate,” says Jamf Threat Labs. “This expectation leaves them willing to skip past any security warning prompts built into the operating system, such as Gatekeeper, which informs users that these applications are not safe to open. Jamf Threat Labs remains vigilant in detecting these changes to keep customers safe and blocks this malware with our threat prevention feature.”