
The attacks begin with phishing emails that attempt to encourage victims to run a Zip file disguised as a Word document. It evades detection from antivirus scanners by using special characters deep inside a series of Zip folders. The attack could potentially give itself away if users are paying attention because, when the malicious file is run, a Microsoft Word document doesn't appear. However, at this stage an initial payload is already working on the machine and it changes access permissions in order to load a second-stage payload that then prompts the installation of a third-stage payload, which downloads the backdoor onto the system.

The security company's researchers have linked it to OceanLotus because of the similarities in code and behaviour of the malware, compared with samples used in previous campaigns by the group.

The macOS backdoor provides the attackers with a window into the compromised machine, enabling them to snoop on and steal confidential information and sensitive business documents. OceanLotus is known to target foreign organisations working in Vietnam including media, research and construction, and while the motivation for this isn't fully understood, the aim is thought to be to use espionage to aid Vietnamese-owned companies.

