Slashdot Mirror


Russian Cyberspies Blamed For US Election Hacks Are Now Targeting Macs (computerworld.com)

You may recall "APT28", the Russian hacking group which was tied to last year's interference in the presidential election. It has long been known for its advanced range of tools for penetrating Windows, iOS, Android, and Linux devices. Now, researchers have uncovered an equally sophisticated malware package the group used to compromise Macs. From a report on ComputerWorld: The group -- known in the security industry under different names including Fancy Bear, Pawn Storm, and APT28 -- has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent. X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan. It's not entirely clear how the malware is being distributed because the Bitdefender researchers obtained only the malware sample, not the full attack chain. However, it's possible a macOS malware downloader dubbed Komplex, found in September, might be involved. Komplex infected Macs by exploiting a known vulnerability in the MacKeeper antivirus software, according to researchers from Palo Alto Networks who investigated the malware at the time. The vulnerability allowed attackers to execute remote commands on a Mac when users visited specially crafted web pages. Further reading on ArsTechnica.

1 of 251 comments

  1. APK Hosts File Engine 9.0++ SR-7 32/64-bit by Anonymous Coward · Score: 0, Troll

    See subject: A "westinghouse M-25 phased plasma rifle" by "Sgt. TechCom DN38416" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

    "Generated nightly from the shit splatter when I sodomize my cat"

    I'm a

    "small shell script controlled: Fully retarded, VERY dumb"!

    Cuz

    "I'm too fukn stupid to know real security"

    ("I can't be bargained w/, I can't be reasoned with. I feel pity, remorse or fear (& I absolutely WILL NOT STOP ever until U R DEAD))"

    &

    "Come w/ me IF u wanna use outdated technology that offers as much protection as a condom with the tip cut off"

    * My program gives u more security/speed/reliability/anonymity 4 less in fast kernelmode natively w/ less complexity/room 4 exploit - Especially vs. threats like this that slow & infect u! It is only fastar because it offers no real security.

    APK

    P.S.=> "the doctors let me on teh internetz today so I am making friends... apk