![]() While not foolproof (see last year’s Handbrake debacle), it reduces the likelihood of exposure to malware. Meanwhile, remember to always seek out updates from more official channels. If you recently used this site - especially if you downloaded one of the affected apps - consider firing up your security software for a closer look at your system. While convenient, it is a potentially serious point of vulnerability in fact, this is not the first time MacUpdate has served up malware by mistake. Though the problem was noticed relatively quickly, and the offending links corrected, it still showcases some of the dangers inherent in using unofficial “app stores” to gather updates for your software, such as MacUpdate. It then passed any mined cryptocurrency (in this case, Monero) back to the author of the app. ![]() Ultimately, once the decoy process completes, the malware loads a command line-based utility that works to solve cryptographic problems using your system’s resources. Clues such as this could quickly tip off users to the fact that something isn’t quite right. It’s here that the sloppiness in the programming of the malware becomes clearer, as this process can either fail or result in the incorrect app launching. ![]() The malware then goes to work, working through a convoluted process to download the actual malware payload and attempting to launch it to mine cryptocurrency.ĭuring this stage, the malware appears to take steps to conceal its actions by launching a decoy, a copy of the actual software the user thought they were updating. Because they look legitimate, users would likely install them as normal. By altering the site to point users to download links that were only subtly different from the correct URLs, they could trick users to download an infected disk image (.dmg) file. Uncovered by security researcher Arnaud Abbati, the hack affected three apps that we know of, including Deeper (personalization software), OnyX, and Firefox. Unfortunately, it looks like several apps on the site were compromised and pushed malware to user machines. This Mac app scans your applications folders, checks the version of each app present, and consults its database. That’s a noble goal, as some of the worst security flaws and crashing behavior appear in slightly older versions of software we use routinely. A popular site for many years, MacUpdate acts like a “one stop shop” for software updates, allowing users to grab updated copies of their favorite software quickly. MacUpdater has a simple mission: keeping your apps up to date. We’ve seen the emergence of a new type of malware that’s hitting Mac users through a service used to streamline the updating process, MacUpdate. Keeping the software on your Mac up to date is essential, particularly because it can help to keep you safe from new threats and vulnerabilities. Popular MacUpdate Website Hacked to Distribute Crypto Miner
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |