Researchers from F-Secure, Webroot, and Avast have uncovered Janicab.A, a new trojan that was discovered as a threat to Macs last week and Windows users on Monday, with findings being published recently.
For OS X users, Janicab.A was signed with a valid Apple Developer ID and also uses a special unicode character known as a "right-to-left override" (RLO) that is used in email malware attacks. From there, the trojan uses a YouTube page to hijack infected computers, directs them to command-and-control (C&C) servers, and then leaves the server and hides the infection by making the malware appear as a harmless PDF or DOC file.
Webroot writes:
For OS X users, Janicab.A was signed with a valid Apple Developer ID and also uses a special unicode character known as a "right-to-left override" (RLO) that is used in email malware attacks. From there, the trojan uses a YouTube page to hijack infected computers, directs them to command-and-control (C&C) servers, and then leaves the server and hides the infection by making the malware appear as a harmless PDF or DOC file.
Webroot writes:
After a relatively long lag period without seeing any particular new and exciting Mac malware, last week we saw the surfacing of a new and interesting method of compromising the OSX system. Malware authors have taken a new approach by altering file extensions of malicious .app packages in order to trick users into thinking they are opening relatively harmless .pdf or .doc files. Changing file extensions in Mac OSX can be tricky due to a built in security feature of the OS that detects attempts to change the extension and automatically annexes the extension of its correct file or package type.This news comes after Apple updated security definitions to combat 'Yontoo', an adware trojan this past March, while also regularly dealing with Java-related vulnerabilities. Apple introduced Gatekeeper in OS X Mountain Lion in order to better deal with security threats, offering a way for users to restrict installation of apps to those signed by Apple-issued Developer IDs.
20 comments
Apple is delaying its plans to limit third-party tracking and ads in apps designed for children, reports The Washington Post.
The company's decision comes following an inquiry from The...
Amid word that Apple TV+ could launch in November priced at $9.99/month, MacRumors has discovered additional tidbits within recent betas of macOS Catalina that offer further insight into how the...
Apple today added 13 and 15-inch 2019 MacBook Pro models to its online store for refurbished products in the United States, offering the updated machines at a discount for the first time.
The...
Apple Arcade is set to launch this fall, providing iPhone, iPad, Mac, and Apple TV users with access to a library of over 100 games on a subscription basis, with no ads or additional in-app...
Apple's health team has faced a series of "high-profile departures" in the past year due to internal disagreements about direction, according to CNBC's Christina Farr, who cites...
Timed with the Apple Card launching widely in the United States today, Apple has announced that customers will now receive three percent Daily Cash when they use the Apple Card with Apple Pay for...
Apple Card, the Apple-branded credit card that Apple is launching in partnership with Goldman Sachs, is available for everyone in the U.S. starting today following a preview period that launched a...
Danske Bank, the largest bank in Denmark, today announced it now offers Apple Pay.
Apple Pay is now available to all Danske Bank personal and business customers in Denmark, Sweden, Finland, and...
