Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

February 10, 2017

Macs Gaining Market Share? – First Mac Word Macro Malware Spotted In Wild

Filed under: Cybersecurity — Patrick Durusau @ 11:23 am

Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild by Swati Khandelwal.

From the post:


Denying permission can save you, but if enabled ignoring warnings, the embedded macro executes a function, coded in Python, that downloads the malware payload to infect the Mac PCs, allowing hackers to monitor webcams, access browser history logs, and steal password and encryption keys.

According to a blog post published this week by Patrick Wardle, director of research at security firm Synack, the Python function is virtually identical to EmPyre – an open source Mac and Linux post-exploitation agent.

“It’s kind of a low-tech solution, but on one hand it’s abusing legitimate functionality so it’s not going to crash like a memory corruption or overflow might, and it’s not going to be patched out,” said Wardle.

Wardle tracked the IP address from which the malicious Word documents were spread to Russia and that IP has previously been associated with malicious activities like phishing attacks.

Granted, this isn’t on the same level of technology as the in-memory viruses I mentioned yesterday, but an attack vector that exploits human error and isn’t going to be ‘patched’ out is a good find.

With the present Republican regime in the United States, human error may be all that is necessary to peel government IT like an orange.

Besides, it isn’t the sophistication of the attack that counts (outside of BlackHat conferences) but the results you obtain without getting caught.

Yes?
