Two Mac malware-as-a-Service offerings uncovered

  • 12 June 2017
  • 3 replies
  • 2692 views

Zeljka Zorz - June 12, 2017
 
Two pieces of Mac malware – MacRansom and MacSpy – that seem to be created by the same developer are being offered for sale through two separate dark web portals.

The malware developer offers both through an as-a-Service model, and potential users are instructed to contact the developer directly through a Protonmail address in order to negotiate the terms, explain their needs, and get the malware.
AlienVault and Fortinet did just that, in order to get the samples and to analyze them.
 
Full Article.

3 replies

Thank you Jasper for the information. I'd advise anyone with a Mac to read this article on how to protect themselves from these 2 pieces of malware, or any other malware, and to take the precautions listed.

June 14, 2017 by Thomas Reed

A couple weeks ago, two new Malware-as-a-Service (MaaS) offerings for the Mac became available. These two offerings – a backdoor named MacSpy and a ransomware app named MacRansom – were discovered by Catalin Cimpanu of Bleeping Computer on May 25.
 
Cimpanu evidently had some trouble getting hold of samples, but on Friday analysis of MacRansom was posted by Fortinet and analysis of MacSpy was posted by AlienVault.
 
Both of these malware programs were advertised through Tor websites, claiming them to be “The most sophisticated Mac spyware/ransomware ever, for free.” Neither program was directly available, but could only be obtained by emailing the authors at protonmail[dot]com email addresses.
 
Full Article.
Oh, I don't believe...there goes Apple copying MS again...Just because Windows have MaaS Apple decide that they have to have one too...have these miscreants no shame...;)
 
But seriously speaking...the commercialisation of the malware sector infrastructure is increasing and with that is becoming ever more worrying. :(
