
Beware: Pirated macOS Applications Conceal a Dangerous Backdoor

Beware: Pirated macOS apps contain a dangerous backdoor, allowing attackers remote control over infected machines.


In a recent discovery by Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley, a disturbing trend has emerged targeting Apple macOS users. Pirated applications, primarily hosted on Chinese pirating websites, have been found to contain a backdoor capable of granting attackers remote control over infected machines.

The modus operandi of these malicious applications is alarming. The backdoored disk image (DMG) files, masquerading as legitimate software such as Navicat Premium, UltraEdit, FinalShell, SecureCRT, and Microsoft Remote Desktop, have been surreptitiously modified to establish communications with actor-controlled infrastructure.


Upon detonation, the malware downloads and executes multiple payloads in the background, silently compromising the victim’s machine. The unsigned applications, primarily found on a Chinese website named macyy[.]cn, incorporate a dropper component called “dylib,” which is executed each time the application is opened.

The dylib serves as a conduit to retrieve a backdoor (“bd.log”) and a downloader (“fl01.log”) from a remote server. These components are then used to establish persistence and fetch additional payloads on the compromised machine.

The backdoor, located at “/tmp/.test,” is a fully-featured tool built atop the open-source post-exploitation toolkit called Khepri. Despite its temporary location in the “/tmp” directory, it is designed to be recreated each time the pirated application is loaded and the dropper is executed.

Similarly, the downloader, hidden at “/Users/Shared/.fseventsd,” creates a LaunchAgent to ensure persistence and communicates with an actor-controlled server.

Although the server is currently inaccessible, the downloader is crafted to write the HTTP response to a new file located at /tmp/.fseventsds and then launch it.
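A defender can check a Mac for the artifacts named above. The following is an added example, not code from Jamf Threat Labs or from the article: it looks for the three reported file paths and for any LaunchAgent whose command references one of them. The function name `scan` and its `root` parameter are hypothetical, and matching on the program path is an assumption made because the article does not give the LaunchAgent's label.

```python
import plistlib
from pathlib import Path

# File paths reported in the article for the backdoor, the downloader and
# the file the downloader writes its HTTP response to.
ARTIFACTS = ["/tmp/.test", "/Users/Shared/.fseventsd", "/tmp/.fseventsds"]


def scan(root="/"):
    """Return (kind, path) findings under `root`.

    `root` is "/" on a live Mac; pointing it at a mounted disk image or a
    copied tree is an assumption of this sketch, made so it can be tested.
    """
    root = Path(root)
    findings = []
    for art in ARTIFACTS:
        if (root / art.lstrip("/")).exists():
            findings.append(("artifact", art))

    # The article gives no LaunchAgent label, so match on what the job runs.
    users = root / "Users"
    homes = sorted(users.iterdir()) if users.is_dir() else []
    agent_dirs = [root / "Library/LaunchAgents"]
    agent_dirs += [home / "Library/LaunchAgents" for home in homes]
    for agent_dir in agent_dirs:
        try:
            plists = sorted(agent_dir.glob("*.plist")) if agent_dir.is_dir() else []
        except OSError:  # e.g. another user's home we are not allowed to read
            continue
        for plist in plists:
            try:
                with plist.open("rb") as fh:
                    job = plistlib.load(fh)  # handles XML and binary plists
            except Exception:  # unreadable or malformed plist: skip it
                continue
            if not isinstance(job, dict):
                continue
            args = job.get("ProgramArguments", [])
            command = [job.get("Program", "")] + (args if isinstance(args, list) else [])
            if any(art in str(part) for part in command for art in ARTIFACTS):
                rel = plist.relative_to(root).as_posix()
                findings.append(("launchagent", "/" + rel))
    return findings


if __name__ == "__main__":
    for kind, path in scan():
        print(f"{kind}: {path}")
```

An empty result only means these specific paths are absent; the article notes the backdoor in /tmp is recreated each time the pirated application is opened, so a clean scan does not clear the application itself.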

Jamf researchers have drawn parallels between this malware and ZuRu, a previously observed threat spread through pirated applications on Chinese sites. The similarities in targeted applications, modified load commands, and attacker infrastructure suggest the possibility that this new malware could be a successor to ZuRu.

The implications of these findings are critical for macOS users, especially those tempted to download pirated software. Such malware not only compromises the security and privacy of the user but also provides attackers with unwarranted access to their machines.

In light of this discovery, it is imperative for users to exercise caution and rely solely on legitimate sources for software acquisition. Additionally, maintaining up-to-date security software and practicing safe browsing habits can significantly reduce the risk of falling victim to such insidious attacks.

As the digital landscape continues to evolve, vigilance and awareness remain our most potent defenses against cyber threats. It is crucial that users remain informed and proactive in safeguarding their digital environments against potential infiltration and exploitation.

Source: The Hacker News

If you’re looking for more comprehensive details on this topic, I highly recommend checking out the informative article on The Hacker News. https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html


Automotive

Alpha Motor Corporation’s Ride-Along Event: Shaping the Future of Electric Vehicles

Alpha Motor Corporation shapes the future of electric vehicles through customer-centric ride-along events. Experience the journey at https://youtu.be/rFkpVdyLqOA.


Alpha Motor Corporation recently celebrated the successful completion of its ride-along event, a pivotal moment in their quest to revolutionize electric vehicles. Guided by valuable feedback from potential customers who experienced the ride, Alpha is dedicated to tailoring electric vehicles to meet consumer needs effectively.

Copyright © 2024 Alpha Motor Corporation. All rights reserved.

This milestone event, captured in all its glory at https://youtu.be/rFkpVdyLqOA, underscores Alpha’s commitment to customer-centric vehicle development. Following the WOLF truck’s impressive performance in the Southern California desert last summer, this ride-along event solidifies Alpha’s dedication to creating vehicles that resonate with the mainstream market.

Alpha’s ride-along event is available for viewing at https://youtu.be/rFkpVdyLqOA.

Amidst varying weather conditions and challenging terrains, the WOLF truck effortlessly navigated a designated course, showcasing its prowess in handling, speed, and efficiency. Impressively, the vehicle utilized only 20% of its battery capacity during the eight-hour event, with a speedy total charge time of just 30 minutes.

Alpha Motor Corporation aims to leverage the insights gleaned from these ride-along events to enhance vehicle development continually. By incorporating feedback from participants and analyzing driving experiences, Alpha ensures that their electric vehicles not only meet but exceed consumer expectations.

Looking ahead, Alpha plans to host more ride-along events to gather valuable feedback, further refining the driving performance of its modular EV platform. This platform, shared by various models like the WOLF+, SUPERWOLF, REX SUV, and JAX Crossover, embodies Alpha’s commitment to delivering high-quality electric vehicles with accessible design, performance, and ownership experience.

As a trailblazing American automobile company based in Irvine, California, Alpha Motor Corporation is devoted to crafting sustainable transportation solutions that benefit both people and the environment. Through cutting-edge technologies and innovative practices, Alpha is reshaping the automotive landscape, one electrifying vehicle at a time.

For more information, visit https://www.alphamotorinc.com or contact pr@alphamotorinc.com.

(Source: Alpha Motor Corporation)


Consumer Corner

3 Ways to Use Propane in Your Home


(Family Features) A reliable, environmentally friendly energy source, propane can help power key home systems and appliances. Readily available in the United States, the portable, low-carbon energy source is stored on-site, meaning it’s always accessible to help keep homes running regardless of severe weather or other interruptions to the power grid.

Watch this video for helpful tips this season!

Consider these ways to integrate the clean energy source into your home from the experts at the Propane Education & Research Council:

Home Heating
Whether you use a furnace, fireplace or boiler to heat your home, propane can power your heating source in any climate. Propane-powered heating sources are highly efficient, typically cost less overall due to their longer expected lifespans and emit fewer greenhouse gases than electric or wood- or oil-burning alternatives.

Backup Power
When power from the electric grid is interrupted, a propane-powered generator can provide supplemental power in as little as 10 seconds to keep vital systems like smoke and fire detection, refrigeration, heating and cooling, Wi-Fi and other health and safety equipment operational for several days and nights. Plus, propane doesn’t degrade over time, unlike diesel or gasoline, making it an ideal standby power fuel.

Appliances
Because of their high performance and energy efficiency, propane-powered appliances such as cooking ranges and stoves, clothes dryers and tankless water heaters can increase the value of a home and decrease the strain on the electrical grid. Generating fewer greenhouse gas emissions than their electric counterparts, propane-powered appliances can heat and cool quicker, reduce standby losses and dry clothing faster, reducing energy usage and cost.

Learn more about propane and its benefits at Propane.com/ForMyHome.


SOURCE:
PERC


Consumer Corner

TOY AND GAME INDUSTRY VETERANS JEFFREY BRESLOW, FRANK ADLER LAUNCH NEW FAMILY-FRIENDLY CARD GAME, PICKLE EVERYTHING

Pickle Everything Games introduces new fast-hitting game for pickle lovers, now available at retail


CHICAGO, Feb. 5, 2024 /PRNewswire/ — Pickle Everything Games, created by co-founder toy and game industry veterans Jeffrey Breslow and Frank Adler, today introduced a new card game called Pickle Everything, where words meet fun and pickles rule, allowing families and friends to compete against one another in a new, fast-paced and hilarious way. Pickle Everything is now available for purchase for just $9.99 on Amazon and PickleEverything.games.

Together, the partners of Pickle Everything Games have a combined 65 years of toy development experience. Breslow was a founding partner of Big Monster Toys, a role that would lead to his induction in the Toy Manufacturers Hall of Fame in 1988. Games such as Guesstures, Masterpiece, and Ants in the Pants were among the many that he was instrumental in developing. Adler, a seasoned expert in the toy and game industry, was the former president of Uncle Milton, where he took the company from its Ant Farm product line roots to its award-winning Star Wars Science and In My Room brands, which included a full range of Disney Princess and Frozen product lines.

“The rapid growth of pickleball and the cross-generational obsession for pickle-themed everything caught my eye,” said Breslow. “We were inspired by its momentum and wanted to encapsulate that as a card game. Similar to pickleball, Pickle Everything brings people together, sparks laughter, and adds a unique twist to traditional games – all in the comfort of your home.”

Each deck contains 52 clue cards and corresponding answers. The answers to each clue begin with the letter “P” and must be accompanied by the term “pickle.” One player will read the clue card aloud and the first player to shout out the correct answer, followed by the word “pickle,” wins the card. The player with the most cards at the end of the game is crowned the winner.

Pickle Everything is recommended to play alongside three to five players, ages 10 to 110 years old. Instructions, complete with an accompanying link for audio guidance, are provided. Contrary to its name, no prior knowledge of pickleball is required, ensuring accessibility for all players.

“Our intention is for Pickle Everything to spark a Pickle Phenomenon,” stated Adler. “As we continue to literally pickle everything – favorite foods, celebrities, sports, and more – we’re excited to see how the pickle frenzy ensues. This is only the beginning of what to expect from Pickle Everything Games.”

Pickle Everything is now available for purchase on PickleEverything.games and Amazon retailing at $9.99. Visit PickleEverything.games for more information.

ABOUT PICKLE EVERYTHING
Seasoned toy and game industry veterans, Jeffrey Breslow and Frank Adler come together as Pickle Everything Games to create Pickle Everything, the card game where words meet fun and pickles rule. The unique, fast-paced, and hilarious game is designed for players to race against each other to answer the clues. Pickle Everything is a family-friendly game, intended for players ages 10 years and above. Follow Pickle Everything on Instagram (@PickleEverythingGame) and Facebook (PickleEverything). Visit PickleEverything.games to learn more.

SOURCE Pickle Everything Games
